Summer Certification Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Pass the HashiCorp Security Automation Certification HCVA0-003 Questions and answers with ValidTests

Exam HCVA0-003 All Questions
Exam HCVA0-003 Premium Access

View all detail and faqs for the HCVA0-003 exam

Viewing page 9 out of 10 pages
Viewing questions 81-90 out of questions
Questions # 81:

A developer team requests integration of their legacy application with Vault to encrypt and decrypt data for a backend database. They cannot modify the application for Vault authentication. What is the best way to achieve this integration?

Options:

A.

Enable the Transit secrets engine and configure the secrets engine to send data directly to the legacy app

B.

Have the app team call the Vault API to encrypt and decrypt the required data

C.

Enable and configure the Kubernetes auth method to allow the application to authenticate to Vault using a JWT

D.

Run the Vault Agent on the application server(s) and use the Auto Auth feature to manage the tokens

Expert Solution
Questions # 82:

True or False? After rotating a transit encryption key, all data encrypted with the previous version must be rewrapped or re-encrypted with the new key.

Options:

A.

True

B.

False

Expert Solution
Questions # 83:

True or False? Your organization currently runs all of its workloads on Google Cloud Platform (GCP). Recently, Vault has been deployed, and you need to select an auth method to authenticate your workloads with Vault. Based on this information, GCP is the only auth method that can be used in your environment.

Options:

A.

True

B.

False

Expert Solution
Questions # 84:

Your organization runs workloads on both AWS and Azure for production applications. The security team has requested that a single Vault authentication mechanism be enabled to support applications on both public cloud platforms. Which of the following would be a valid auth method you can use?

Options:

A.

AWS

B.

GitHub

C.

AppRole

D.

Azure

Expert Solution
Questions # 85:

Your organization has enabled the LDAP auth method on the path of corp-auth/. When you access the Vault UI, you cannot log in despite providing the correct credentials. Based on the screenshot below, what action should you take to log in?

Question # 85

Options:

A.

Select corp-auth from the dropdown list

B.

Enter the username as corp-auth/bryan.krausen

C.

Select More Options and enter the Mount path that LDAP was enabled on (corp-auth/)

D.

Change to the Namespace of corp-auth before trying to authenticate

Expert Solution
Questions # 86:

How long does the Transit secrets engine store the resulting ciphertext by default?

Options:

A.

24 hours

B.

30 days

C.

32 days

D.

Transit does not store data

Questions # 87:

From the options below, select the benefits of using the PKI (x.509 certificates) secrets engine (select three):

Options:

A.

TTLs on Vault certs are longer to ensure certificates are valid for a longer period of time

B.

Reducing, or eliminating certificate revocations

C.

Reduces time to get a certificate by eliminating the need to generate a private key and CSR

D.

Vault can act as an intermediate CA

Questions # 88:

After issuing the command to delete a secret, you run a vault kv list command, but the path to the secret still seems to exist. What command would permanently delete the path from Vault?

Question # 88

Options:

A.

vault kv delete -force kv/applications/app01

B.

vault kv destroy -versions=1 kv/applications/app01

C.

vault kv metadata delete kv/applications/app01

D.

vault kv delete -all kv/applications/app01

Questions # 89:

From the options below, select the auth methods that are better suited for machine-to-machine authentication (select five):

Options:

A.

Kubernetes

B.

GitHub

C.

TLS

D.

Token

E.

AppRole

F.

AWS

G.

LDAP

Questions # 90:

True or False? When encrypting data with the Transit secrets engine, Vault always stores the ciphertext in a dedicated KV store along with the associated encryption key.

Options:

A.

True

B.

False

Viewing page 9 out of 10 pages
Viewing questions 81-90 out of questions