Question 1

Your organization is integrating its legacy application with Vault to improve its security. However, you have discovered that the application has issues when the token changes for authentication during testing. What type of token could be used to help alleviate this issue without compromising security?

Options :

A : Periodic Service Token

B : Root Token

C : Orphan Service Token

D : Batch Token

Answer: A

Question 2

Which of the following is NOT a valid way in which a lease can be revoked in Vault?

Options :

A : Using the user interface (UI)

B : Automatically when the TTL or Max-TTL expires

C : Using the API to call the /v1/sys/leases endpoint

D : Via the CLI using the vault token command

Answer: D

Question 3

What is the default maximum time-to-live (TTL) for a token, measured in days?

Options :

A : 32 days (768 hours)

B : 7 days (168 hours)

C : 14 days (336 hours)

D : 31 days (744 hours)

Answer: A

Question 4

To give a role the ability to display or output all of the end points under the /secrets/apps/* end point it would need to have which capability set?

Options :

A : update

B : read

C : sudo

D : list

E : None of the above

Answer: C

Question 5

What is the proper command to enable the AWS secrets engine at the default path?

Options :

A : vault enable aws secrets engine

B : vault secrets enable aws

C : vault secrets aws enable

D : vault enable secrets aws

Answer: B