Security requirements demand that no secrets appear in the shell history. Which command does not meet this requirement?
You have been tasked with writing a policy that will allow read permissions for all secrets at path secret/bar. The users that are assigned this policy should also be able to list the secrets. What should this policy look like?
How many Shamir's key shares are required to unseal a Vault instance?
Which Vault secret engine may be used to build your own internal certificate authority?
When using Integrated Storage, which of the following should you do to recover from possible data loss?
Use this screenshot to answer the question below:
Where on this page would you click to view a secret located at secret/my-secret?
Which of the following are replication methods available in Vault Enterprise? Choose two correct answers.
Where can you set the Vault seal configuration? Choose two correct answers.
When unsealing Vault, each Shamir unseal key should be entered:
To give a role the ability to display or output all of the end points under the /secrets/apps/* end point it would need to have which capability set?
Your organization has an initiative to reduce and ultimately remove the use of long lived X.509 certificates. Which secrets engine will best support this use case?
What command creates a secret with the key "my-password" and the value "53cr3t" at path "my-secrets" within the KV secrets engine mounted at "secret"?
Which of these is not a benefit of dynamic secrets?
Which of these are a benefit of using the Vault Agent?