HCVA0-003 Free Practice Test

- (Topic 2)
Which auth method is ideal for machine-to-machine authentication?

1. A. Okta
2. B. UserPass
3. C. GitHub
4. D. AppRole

Correct Answer: D

- (Topic 5)
What can be used to limit the scope of a credential breach?

1. A. Storage of secrets in a distributed ledger
2. B. Enable audit logging
3. C. Use of a short-lived dynamic secrets
4. D. Sharing credentials between applications

Correct Answer: C

- (Topic 3)
Tom needs to set the proper environment variable so he doesn??t need to first authenticate to Vault toretrieve dynamically generated credentials for a database server. What environment variable does Tom need to set first before running commands?

1. A. VAULT_NAMESPACE
2. B. VAULT_TOKEN
3. C. VAULT_CAPATH
4. D. VAULT_CLIENT_KEY

Correct Answer: B

- (Topic 2)
An application has authenticated to Vault and has obtained dynamic database credentials with a lease of 4 hours. Four hours later, the credentials expire, and the application can no longer communicate with the backend database, so the application goes down. What should the developers instruct the application to do to prevent this from happening again while maintaining the same level of security?

1. A. Go back to using static credentials
2. B. Renew the lease before expiration
3. C. Revoke the lease before expiration
4. D. Use a different auth method

Correct Answer: B

- (Topic 1)
You??ve hit the URL for the Vault UI, but you??re presented with this screen. Why doesn??t Vault present you with a way to log in?

1. A. The Consul storage backend was not configured correctly
2. B. Vault needs to be initialized before it can be used
3. C. A Vault policy is preventing you from logging in
4. D. The Vault configuration file has an incorrect configuration

Correct Answer: B