Which three interfaces can be used to access Vault? (select three)
Vault has three interfaces available.
The API can be used by a user or application, the CLI can be used by a user directly on the Vault server or remotely, and the UI can be used if it's been enabled in the configuration file.
True or False:
When using the transit secrets engine, setting the min_decryption_version will determine the minimum key length of the data key (i.e., 2048, 4096, etc.)
The Transit engine supports the versioning of keys. Key versions that are earlier than a key's specified min_decryption_version gets archived, and the rest of the key versions belong to the working set. This is a performance consideration to keep key loading fast, as well as a security consideration: by disallowing decryption of old versions of keys, found ciphertext corresponding to obsolete (but sensitive) data can not be decrypted by most users, but in an emergency, the min_decryption_version can be moved back to allow for legitimate decryption.
Reference link:- https://www.vaultproject.io/docs/secrets/transit
When multiple engineers start deploying infrastructure using the same state file, what is a feature of remote state storage that is critical to ensure the state does not become corrupt?
If supported by your backend, Terraform will lock your state for all operations that could write state. This prevents others from acquiring the lock and potentially corrupting your state.
State locking happens automatically on all operations that could write state. You won't see any message that it is happening. If state locking fails, Terraform will not continue. You can disable state locking for most commands with the -lock flag but it is not recommended.
What is the result of the following terraform function call?
lookup({a="hello", b="goodbye"}, "c", "what?")
lookup retrieves the value of a single element from a map, given its key. If the given key does not exist, the given default value is returned instead. In this case, the function call is searching for the key 'c'. But since there is no key 'c', the default vault 'what?' is returned.
https://www.terraform.io/docs/configuration/functions/lookup.html
Which of the following Vault features is available only in the Enterprise version? (select three)
Most of the important features of Vault are available in the open-source version, however, some of the features which are generally required by large organizations are only available in the Enterprise version such as:-
- MFA - Multi-factor Authentication
- Replication
- Auto unseal with HSM and many more.
Check all the features at the below link.
Reference link:- https://www.hashicorp.com/products/vault/pricing/
