HashiCorp Certified: Vault Associate (003)Exam - HCVA0-003 Exam Practice Test

A Vault cluster's listener configuration is shown in the exhibit.
Given the configuration displayed, what VAULT_ADDR environment variable value would target this cluster?
Exhibit:
listener " tcp " { address = " 10.0.0.50:8200 " tls_disable = true }

You have enabled the database secrets engine at the database/ path and created the readonly role. You run vault read, and the output shown in the exhibit is returned.
Which command renews the given lease?
Exhibit:
$ vault read database/creds/readonly
lease_id database/creds/readonly/fyF5xDomnKeCHNZNQgStwBKD
lease_duration 1h
lease_renewable true
password Ala-ckirtymYaXACplHn
username v-token-readonly-6iRIcGv8tLpu816oblPY-1556567086

You need to create a limited-privileged token that isn't impacted by the TTL of its parent. What type of token should you create?

The vault lease renew command increments the lease time from:

Your supervisor has requested that you log into Vault and update a policy for one of the development teams.
You successfully authenticated to Vault via OIDC but do not see a way to manage the Vault policies. Why are you unable to manage policies in the Vault UI?

A user logs into Vault through a configured LDAP auth method and notices that re-authentication is needed after every 8 hours.
Why would the user be required to log in again every 8 hours?

You have TBs of data encrypted by Vault stored in a database and are worried about Vault becoming unavailable and not being able to decrypt the data. Is it possible to export the encryption key to store it somewhere else in the event Vault becomes unavailable?

Which of the following actions can be performed if you only had access to a token's accessor? (Select four)

You are using Vault ' s Transit secrets engine to encrypt your data. You want to reduce the amount of content encrypted with a single key in case the key gets compromised. How would you do this?

Which of the following are benefits of Vault Agent Caching?
Pick the 2 correct responses below.

The HTTP POST method was used to invoke the Vault API endpoint /auth/ldap/login/:username.
Which statements describe this operation?
Pick the 2 correct responses below.

Based on the output below, how many policies have been added to Vault?
$ vault policy list
base
default
root
web-app-1
automation-team

You want to encrypt a credit card number using the Transit secrets engine. You enter the following command and receive an error. What can you do to ensure that the credit card number is properly encrypted and the ciphertext is returned?
$ vault write -format=json transit/encrypt/creditcards plaintext= " 1234 5678 9101 1121 " Error: * illegal base64 data at input byte 4

You have a new team member on the Vault operations team. Their first task is to rotate the encryption key in Vault as part of the organization's security policy. However, when they log in, they get an access denied error when attempting to rotate the key. The policy being used is below. Why can't the user rotate the encryption key?
path " auth/* " {
capabilities = [ " create " , " read " , " update " , " delete " , " list " ]
}
path " sys/rotate " {
capabilities = [ " read " , " update " ]
}