March Sale - Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpm65

VA-002-P HashiCorp Certified: Vault Associate Questions and Answers

Questions 4

When using constraint expressions to signify a version of a provider, which of the following are valid provider versions that satisfy the expression found in the following code snippet: (select two)

1. terraform {

2. required_providers {

3. aws = "~> 1.2.0"

4. }

5. }

Options:

A.

1.2.9

B.

1.3.1

C.

1.3.0

D.

1.2.3

Buy Now
Questions 5

When configuring Vault replication and monitoring its status, you keep seeing something called 'WALs'. What are WALs?

Options:

A.

wake after lan

B.

warning of allocated logs

C.

write-ahead log

D.

write along logging

Buy Now
Questions 6

The security barrier protects all of the following Vault components except ___.

Options:

A.

secret engine

B.

auth method

C.

storage backend

D.

audit devices

E.

token store

Buy Now
Questions 7

Which of the following connection types are supported by the remote-exec provisioner? (select two)

Options:

A.

rdp

B.

smb

C.

ssh

D.

winrm

Buy Now
Questions 8

After logging into the Vault UI, a user complains that they cannot enable Replication. Why would the replication configuration be missing?

Options:

A.

replication wasn't configured in the Vault configuration file

B.

replication hasn't been enabled

C.

Vault is running an open-source version

D.

replication configuration isn't available in the UI

Buy Now
Questions 9

Which of the following cloud providers are not supported by Vault secrets engines?

Options:

A.

Oracle

B.

Azure

C.

AWS

D.

GCP

E.

AliCloud

Buy Now
Questions 10

Permissions for Vault backend functions are available at which path?

Options:

A.

security/

B.

admin/

C.

backend/

D.

system/

E.

vault/

F.

sys/

Buy Now
Questions 11

True or False:

Workspaces provide identical functionality in the open-source, Terraform Cloud, and Enterprise versions of Terraform.

Options:

A.

True

B.

False

Buy Now
Questions 12

What is the proper command to enable the AWS secrets engine at the default path?

Options:

A.

vault enable secrets aws

B.

vault secrets aws enable

C.

vault secrets enable aws

D.

vault enable aws secrets engine

Buy Now
Questions 13

Which of the following is not a valid Terraform string function?

Options:

A.

tostring

B.

replace

C.

format

D.

join

Buy Now
Questions 14

After executing a terraform apply, you notice that a resource has a tilde (~) next to it. What does this infer?

Options:

A.

the resource will be destroyed and recreated

B.

the resource will be created

C.

Terraform can't determine how to proceed due to a problem with the state file

D.

the resource will be updated in place

Buy Now
Questions 15

You've logged into the Vault CLI and attempted to enable an auth method, but received this error message. What can be done to resolve the error and configure Vault?

Error enabling userpass auth: Post https://127.0.0.1:8200/v1/sys/auth/userpass: http: server gave HTTP response to HTTPS client

Options:

A.

change 'userpass' to 'username and password'

B.

restart the Vault service on this node

C.

set the VAULT_ADDR environment variable to HTTP

D.

ask an admin to grant you permission to enable the userpass auth method

Buy Now
Questions 16

Which TCP port does Vault replication use?

Options:

A.

8200

B.

8201

C.

8300

D.

8301

Buy Now
Questions 17

Vault secrets engines are used to do what with data? (select three)

Options:

A.

copy

B.

generate

C.

store

D.

transmit

E.

encrypt

Buy Now
Questions 18

In regards to Terraform state file, select all the statements below which are correct: (select four)

Options:

A.

storing state remotely can provide better security

B.

the Terraform state can contain sensitive data, therefore the state file should be protected from unauthorized access

C.

Terraform Cloud always encrypts state at rest

D.

using the mask feature, you can instruct Terraform to mask sensitive data in the state file

E.

when using local state, the state file is stored in plain-text

F.

the state file is always encrypted at rest

Buy Now
Questions 19

What Terraform feature is shown in the example below?

1. resource "aws_security_group" "example" {

2. name = "sg-app-web-01"

3. dynamic "ingress" {

4. for_each = var.service_ports

5. content {

6. from_port = ingress.value

7. to_port = ingress.value

8. protocol = "tcp"

9. }

10. }

11. }

Options:

A.

data source

B.

dynamic block

C.

local values

D.

conditional expression

Buy Now
Questions 20

Why might a user opt to include the following snippet in their configuration file?

1. terraform {

2. required_version = ">= 0.12"

3. }

Options:

A.

this ensures that all Terraform providers are above a certain version to match the application being deployed

B.

the user wants to ensure that the application being deployed is a minimum version of 0.12

C.

versions before Terraform 0.12 were not approved by HashiCorp to be used in production

D.

Terraform 0.12 introduced substantial changes to the syntax used to write Terraform configuration

Buy Now
Questions 21

What command is used to renew a token, if permitted?

Options:

A.

vault operator token renew

B.

vault token update

C.

vault new

D.

vault update token

E.

vault token renew

F.

vault renew token

Buy Now
Questions 22

From the answers below, select the advantages of using Infrastructure as Code. (select four)

Options:

A.

Easily integrate with application workflows (GitLab Actions, Azure DevOps, CI/CD tools)

B.

Safely test modifications using a "dry run" before applying any actual changes

C.

Provide reusable modules for easy sharing and collaboration

D.

Easily change and update existing infrastructure

E.

Provide a codified workflow to develop customer-facing applications

Buy Now
Questions 23

Given the following screenshot, how many secrets engines have been enabled?

VA-002-P Question 23

Options:

A.

4

B.

3

C.

5

D.

2

Buy Now
Questions 24

True or False: Provisioners should only be used as a last resort.

Options:

A.

true

B.

false

Buy Now
Questions 25

True or False:

A list(...) may contain a number of values of the same type while an object(...) can contain a number of values of different types.

Options:

A.

True

B.

False

Buy Now
Questions 26

In terraform, most resource dependencies are handled automatically. Which of the following statements describes best how terraform resource dependencies are handled?

Options:

A.

The terraform binary contains a built-in reference map of all defined Terraform resource dependencies. Updates to this dependency map are reflected in terraform versions. To ensure you are working with the latest resource dependency map you much be running the latest version of Terraform.

B.

Terraform analyses any expressions within a resource block to find references to other objects and treats those references as implicit ordering requirements when creating, updating, or destroying resources.

C.

Resource dependencies are identified and maintained in a file called resource. dependencies. Each terraform provider is required to maintain a list of all resource dependencies for the provider and it's included with the plugin during initialization when terraform init is executed. The file is located in the terraform.d folder.

D.

Resource dependencies are handled automatically by the depends_on meta_argument, which is set to true by default.

Buy Now
Questions 27

What are the benefits of using Infrastructure as Code? (select five)

Options:

A.

Infrastructure as Code easily replaces development languages such as Go and .Net for application development

B.

Infrastructure as Code allows a user to turn a manual task into a simple, automated deployment

C.

Infrastructure as Code is relatively simple to learn and write, regardless of a user's prior experience with developing code

D.

Infrastructure as Code is easily repeatable, allowing the user to reuse code to deploy similar, yet different resources

E.

Infrastructure as Code provides configuration consistency and standardization among deployments

F.

Infrastructure as Code gives the user the ability to recreate an application's infrastructure for disaster recovery scenarios

Buy Now
Questions 28

True or False: You can migrate the Terraform backend but only if there are no resources currently being managed.

Options:

A.

False

B.

True

Buy Now
Questions 29

Which of the following Vault features is available only in the Enterprise version? (select three)

Options:

A.

MFA

B.

dynamic credentials

C.

cloud auto unseal

D.

replication

E.

auto unseal with HSM

Buy Now
Questions 30

If a client is currently assigned the following policy, what additional policy can be added to ensure they cannot access the data stored at secret/apps/confidential but still, read all other secrets?

Options:

A.

path "secret/apps/confidential/*" {

capabilities = ["deny"]

}

B.

path "secret/apps/*" {

capabilities = ["deny"]

}

C.

path "secret/apps/confidential" {

capabilities = ["deny"]

}

D.

path "secret/apps/*" {

capabilities = ["create", "read", "update", "delete", "list"]

}

path "secret/*" {

capabilities = ["read", "deny"]

}

Buy Now
Exam Code: VA-002-P
Exam Name: HashiCorp Certified: Vault Associate
Last Update: Mar 23, 2024
Questions: 200

PDF + Testing Engine

$75.95  $216.99

Testing Engine

$53.2  $151.99
buy now VA-002-P testing engine

PDF (Q&A)

$49  $139.99
buy now VA-002-P pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 29 Mar 2024