Given the following screenshot, how many secrets engines have been enabled by a Vault user?

• A.2
• B.3
• C.4
• D.5

Comment: *

Name: *

Email: *

Verification: *

You are using an orchestrator to deploy a new application. Even though the orchestrator creates anew AppRole secret ID, security requires that only the new application has the combination of the role ID and secret ID. What feature can you use to meet these requirements?

• A.Have the application authenticate with the role ID to retrieve the secret ID
• B.Use response wrapping and provide the application server with the unwrapping token instead
• C.Use a batch token instead of a traditional service token
• D.Secure the communication between the orchestrator and Vault using TLS

Comment: *

Name: *

Email: *

Verification: *

Where do you define the Namespace to log into using the Vault Ul?
To answer this question
Use your mouse to click on the screenshot in the location described above. An arrow indicator will mark where you have clicked. Click the "Answer" button once you have positioned the arrow to answer the question. You may need to scroll down to see the entire screenshot.

Correct Answer:

Explanation:
The namespace can be defined in the "Mount path" field in the "Advanced options" section of the login screen. The mount path is the path where the auth method is enabled, and it can include a namespace prefix.
For example, if the LDAP auth method is enabled at the path ns1/auth/ldap, where ns1 is the namespace, then the mount path field should be set to ns1/auth/ldap. This way, the Vault UI will log in to the correct namespace and auth method. Alternatively, the namespace can also be specified in the URL of the Vault UI, such as https://vault.example.com/ui/vault/auth/ns1/auth/ldap/login.

Comment: *

Name: *

Email: *

Verification: *

You've hit the URL for the Vault UI, but you're presented with this screen. Why doesn't Vault present you with a way to log in?

• A.The Consul storage backend was not configured correctly
• B.Vault needs to be initialized before it can be used
• C.A Vault policy is preventing you from logging in
• D.The Vault configuration file has an incorrect configuration

Comment: *

Name: *

Email: *

Verification: *

Your company's security policies require that all encryption keys must be rotated at least once per year. After using the Transit secrets engine for a year, the Vault admin issues the proper command to rotate the key named ecommerce that was used to encrypt your data. What command can be used to easily re-encrypt the original data with the new version of the key?

• A.vault write -f transit/keys/ecommerce/rotate <old data>
• B.vault write -f transit/keys/ecommerce/update <old data>
• C.vault write transit/encrypt/ecommerce v1:v2 <old data>
• D.vault write transit/rewrap/ecommerce ciphertext=<old data>

Comment: *

Name: *

Email: *

Verification: *