Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

HashiCorp Exam Vault-Associate Topic 4 Question 17 Discussion

Actual exam question for HashiCorp's Vault-Associate exam
Question #: 17
Topic #: 4
[All Vault-Associate Questions]

You have been tasked with writing a policy that will allow read permissions for all secrets at path secret/bar. The users that are assigned this policy should also be able to list the secrets. What should this policy look like?

A.

B.

C.

D.

Show Suggested Answer Hide Answer
Suggested Answer: A

The command vault secrets enable transit enables the transit secrets engine at the transit path. The transit secrets engine is a secrets engine that handles cryptographic functions on data in-transit, such as encryption, decryption, signing, verification, hashing, and random bytes generation. The transit secrets engine does not store the data sent to it, but only performs the requested operations and returns the results. The transit secrets engine can also be viewed as ''cryptography as a service'' or ''encryption as a service''. The command vault secrets enable transit uses the default path of transit for the secrets engine, but this can be changed by using the -path option. For example, vault secrets enable -path=my-transit transit would enable the transit secrets engine at the my-transit path.Reference:Transit - Secrets Engines | Vault | HashiCorp Developer,vault secrets enable - Command | Vault | HashiCorp Developer


by Izetta at May 23, 2024, 10:30 AM

Limited Time Offer

25%

Off

Get Premium Vault-Associate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Margot
1 months ago
I don't know about you, but I'm feeling pretty 'vault-y' about this question. Get it? Vault-y? Ah, forget it, I'll just pick Option C and move on.
upvoted 0 times
...
Miss
1 months ago
Option C all the way! It's like the Goldilocks of Vault policies - not too much, not too little, just right.
upvoted 0 times
Gracia
3 days ago
I see your point, but I still think Option B would be more effective in this scenario.
upvoted 0 times
...
Rodney
12 days ago
I disagree, I believe Option C is the most suitable for allowing read permissions for all secrets at path secret/bar.
upvoted 0 times
...
Bobbye
16 days ago
I think Option A is the best choice for this policy.
upvoted 0 times
...
...
Roselle
2 months ago
Hold up, is this a trick question? I'm gonna go with Option D just to be safe. Can't be too careful with these Vault certification exams, you know?
upvoted 0 times
Hildegarde
22 days ago
Yeah, I'm going with Option D as well. Can't take any chances with these exams.
upvoted 0 times
...
Chi
26 days ago
I agree, better safe than sorry. Option D it is.
upvoted 0 times
...
Kathryn
1 months ago
I think Option D is the safest choice too. Can't be too careful with permissions.
upvoted 0 times
...
...
Arletta
2 months ago
I'm torn between Option B and Option C. Both seem to achieve the same goal, but Option C might be a bit more concise. Hmm, decisions, decisions.
upvoted 0 times
...
Delisa
2 months ago
Option C looks good, it's the most straightforward way to grant read permissions and list secrets at the secret/bar path.
upvoted 0 times
...
Arthur
3 months ago
Yes, Option A seems to be the correct choice. It specifies the required permissions clearly.
upvoted 0 times
...
Luis
3 months ago
I agree with Arthur. Option A looks like it fits the requirements based on the image provided.
upvoted 0 times
...
Arthur
3 months ago
I think the policy should allow read permissions for all secrets at path secret/bar and also allow listing the secrets.
upvoted 0 times
...

Save Cancel