When creating a dynamic secret in Vault, Vault returns what value that can be used to renew or revoke the lease?
A. lease_id
B. vault_accessor
C. revocation_access
D. token_revocation_id
In order to extend Vault beyond a data center or cloud regional boundary, what feature should be used?
A. plugins
B. secrets engine
C. replication
D. seal/unseal
E. snapshots
Which command is used to initialize Vault after first starting the Vault service?
A. vault create key
B. vault operator init
C. vault operator initialize keys
D. vault start
E. vault operator unseal
What is the result of the following Vault command?
vault auth enable userpass
A. Imports usernames and passwords from LDAP to the local database
B. allows Vault to access usernames and passwords stored in a second Vault cluster
C. Enables Vault to use external services to authenticate clients to Vault
D. mounts the userpass auth method to the default path
An application is trying to use a secret in which the lease has expired. What can be done in order for the application to successfully request data from Vault?
A. request a new secret and associated lease
B. try the expired secret in hopes it hasn't been deleted yet
C. request the TTL be extended for the secret
D. perform a lease renewal
Vault has failed to start. You inspect the log and find the error below. What needs to be changed in order to
successfully start Vault?
"Error parsing config.hcl: At 1:12: illegal char"
A. the " character cannot be used in the config file
B. fix the syntax error in the Vault configuration file
C. you must use single quotes vs double quotes in the config file
D. line 1 on the config file is blank
What type of token does not have a TTL (time to live)?
A. default tokens
B. parent tokens
C. user tokens
D. root tokens
E. expired tokens
F. child tokens
After creating a dynamic credential on a database, the DBA accidentally deletes the credentials on the database itself. When attempting to remove the lease, Vault returns an error stating that the credential cannot be found. What command can be run to coerce Vault to remove the secret?
A. vault lease -renew
B. vault lease revoke -force -prefix
C. vault revoke -apply
D. vault lease revoke -enforce
When Vault is sealed, which are the only two options available to a Vault administrator? (select two)
A. rotate the encryption key
B. unseal Vault
C. view the status of Vault
D. configure policies
E. author security policies
F. view data stored in the key/value store
Which auth method is ideal for machine to machine authentication?
A. GitHub
B. UserPass
C. AppRole
D. Okta
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only HashiCorp exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your VA-002-P exam preparations and HashiCorp certification application, do not hesitate to visit our Vcedump.com to find your solutions here.