BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

HashiCorp Exam Vault-Associate Topic 7 Question 6 Discussion

Actual exam question for HashiCorp's Vault-Associate exam
Question #: 6
Topic #: 7
[All Vault-Associate Questions]

Vault supports which type of configuration for source limited token?

Show Suggested Answer Hide Answer
Suggested Answer: C

Vault supports CIDR-bound tokens, which are tokens that can only be used from a specific set of IP addresses or network ranges. This is a way to limit the scope and exposure of a token in case it is compromised or leaked. CIDR-bound tokens can be created by specifying the bound_cidr_list parameter when creating or updating a token role, or by using the -bound-cidr option when creating a token using the vault token create command. CIDR-bound tokens can also be created by some auth methods, such as AWS or Kubernetes, that can automatically bind the tokens to the source IP or network of the client.Reference:Token - Auth Methods | Vault | HashiCorp Developer,vault token create - Command | Vault | HashiCorp Developer


by Quentin at Nov 25, 2023, 02:47 AM

Limited Time Offer

25%

Off

Get Premium Vault-Associate Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Linn
7 months ago
Haha, you guys are really overthinking this. It's obviously cloud-bound tokens. I mean, what else would Vault use to restrict access to the cloud, right? *wink wink*
upvoted 0 times
...
Gertude
7 months ago
I'm not entirely convinced. Didn't we learn about certificate-bound tokens in the training? Those seem like they could also be a valid option for source-limited tokens.
upvoted 0 times
Starr
7 months ago
That's true. The correct answer is probably one of the options provided such as Cloud-bound tokens or Domain-bound tokens.
upvoted 0 times
...
Rex
7 months ago
But the question specifically asked for the type of configuration mentioned in the answer options.
upvoted 0 times
...
Sabina
7 months ago
Yeah, certificate-bound tokens could also be a valid option for source-limited tokens.
upvoted 0 times
...
Carin
7 months ago
D) Certificate-bound tokens
upvoted 0 times
...
Odette
7 months ago
C) CIDR-bound tokens
upvoted 0 times
...
Myra
7 months ago
B) Domain-bound tokens
upvoted 0 times
...
Carmen
7 months ago
A) Cloud-bound tokens
upvoted 0 times
...
...
Marge
7 months ago
Yeah, I was thinking the same thing. CIDR-bound tokens seem to be the most logical choice since they allow you to restrict access based on IP ranges. Though I'm not sure if the other options are completely out of the question.
upvoted 0 times
...
Rosalind
7 months ago
Hmm, this question seems a bit tricky. I'm not too familiar with Vault's token configuration options, but I think the CIDR-bound tokens might be the right answer here.
upvoted 0 times
...

Save Cancel