1. What is HashiCorp Vault?
a. A configuration management tool
b. A secret management tool
c. A version control system
d. A monitoring tool
Answer: b. A secret management tool
2. What are the key features of HashiCorp Vault?
a. Key management, dynamic secrets, data encryption
b. Configuration management, logging, monitoring
c. Load balancing, caching, authentication
d. Database management, file storage, task scheduling
Answer: a. Key management, dynamic secrets, data encryption
3. What is the purpose of dynamic secrets in HashiCorp Vault?
a. To generate dynamic access tokens
b. To manage static credentials
c. To handle authentication
d. To encrypt data at rest
Answer: a. To generate dynamic access tokens
4. Which authentication methods does HashiCorp Vault support?
a. Username/password and multi-factor authentication (MFA)
b. LDAP and SAML
c. Token-based and GitHub
d. OAuth and API key
Answer: b. LDAP and SAML
5. How does HashiCorp Vault handle secret storage?
a. Stores secrets in plaintext
b. Stores secrets using encryption and access control policies
c. Uses public-key cryptography for secret storage
d. Stores secrets in a separate external database
Answer: b. Stores secrets using encryption and access control policies
6. Which backend storage options are supported by HashiCorp Vault?
a. PostgreSQL and MySQL
b. Amazon S3 and Google Cloud Storage
c. Redis and Cassandra
d. In-memory storage only
Answer: b. Amazon S3 and Google Cloud Storage
7. What is a Vault token in HashiCorp Vault?
a. A unique identifier for a secret
b. A form of dynamic secret
c. An access credential used for authentication and authorization
d. A hashing algorithm used for data encryption
Answer: c. An access credential used for authentication and authorization
8. How can you revoke a Vault token in HashiCorp Vault?
a. Manually delete the token from the storage backend
b. Wait for the token to expire
c. Use the "vault token revoke" command
d. Reset the token expiration time
Answer: c. Use the "vault token revoke" command
9. What is a policy in HashiCorp Vault?
a. A set of rules that define access control for secrets
b. A type of secret engine
c. A method of token generation
d. A secret encryption algorithm
Answer: a. A set of rules that define access control for secrets
10. What is the purpose of secret engines in HashiCorp Vault?
a. To manage token expiration policies
b. To store and generate dynamic secrets
c. To authenticate users
d. To encrypt and decrypt data
Answer: b. To store and generate dynamic secrets
11. Which authentication method is suitable for machine-to-machine communication in HashiCorp Vault?
a. AppRole authentication
b. LDAP authentication
c. Token-based authentication
d. GitHub authentication
Answer: a. AppRole authentication
12. What is the purpose of Vault replication in HashiCorp Vault?
a. To synchronize secret engines across multiple nodes
b. To replicate the entire Vault cluster for backup
c. To handle token management
d. To monitor system performance
Answer: a. To synchronize secret engines across multiple nodes
13. How does HashiCorp Vault handle secret leasing and renewal?
a. Automatically renews secrets based on a configurable lease duration
b. Requires manual renewal by the application using the secret
c. Automatically revokes secrets after a set period
d. Has no mechanism for secret renewal
Answer: a. Automatically renews secrets based on a configurable lease duration
14. What is the purpose of the Vault audit backend in HashiCorp Vault?
a. To manage authentication requests
b. To log all interactions with Vault for auditing and compliance
c. To handle token expiration
d. To store secrets securely
Answer: b. To log all interactions with Vault for auditing and compliance
15. Which programming languages have official Vault SDKs provided by HashiCorp?
a. Python and JavaScript
b. Java and Ruby
c. Go and Node.js
d. PHP and C++
Answer: c. Go and Node.js
16. What is a mount point in HashiCorp Vault?
a. The location where a secret engine is mounted within the Vault hierarchy
b. The endpoint for Vault API calls
c. The root directory of the Vault installation
d. The point where tokens are generated in Vault
Answer: a. The location where a secret engine is mounted within the Vault hierarchy
17. What is token wrapping in HashiCorp Vault?
a. A method to securely wrap tokens for storage and distribution
b. A token-based authentication method
c. A way to generate temporary tokens
d. A method to revoke tokens
Answer: a. A method to securely wrap tokens for storage and distribution
18. How does HashiCorp Vault handle data encryption at rest?
a. Uses a separate encryption service
b. Utilizes the Vault transit secret engine
c. Stores data in plaintext for performance
d. Relies on the underlying storage backend for encryption
Answer: b. Utilizes the Vault transit secret engine
19. What is the purpose of the Vault CLI in HashiCorp Vault?
a. To authenticate users
b. To manage secret engines
c. To interact with Vault via the command line
d. To store and retrieve secrets
Answer: c. To interact with Vault via the command line
20. Which cloud providers have official HashiCorp Vault integrations?
a. Amazon Web Services (AWS) and Microsoft Azure
b. Google Cloud Platform (GCP) and DigitalOcean
c. IBM Cloud and Oracle Cloud
d. All of the above
Answer: d. All of the above
21. What is a Cubbyhole response in HashiCorp Vault?
a. A form of secret storage
b. A type of authentication
c. An encryption algorithm
d. A type of policy
Answer: a. A form of secret storage
22. How does HashiCorp Vault handle disaster recovery?
a. By replicating data across multiple data centers
b. By periodically backing up the entire Vault cluster
c. By using redundant storage backends
d. Disaster recovery is not supported by Vault
Answer: a. By replicating data across multiple data centers
23. What is the purpose of the Vault control group in HashiCorp Vault?
a. To manage access policies for users and groups
b. To control the Vault server's behavior
c. To manage secret engines
d. To handle token expiration
Answer: a. To manage access policies for users and groups
24. How can you enable High Availability (HA) in HashiCorp Vault?
a. By installing a specific plugin
b. By configuring a storage backend with HA support
c. By setting a higher token expiration time
d. High Availability is enabled by default
Answer: b. By configuring a storage backend with HA support
25. What is the purpose of Vault namespaces in HashiCorp Vault?
a. To partition and isolate data and operations within a Vault cluster
b. To define secret types
c. To organize authentication methods
d. To manage token generation
Answer: a. To partition and isolate data and operations within a Vault cluster
26. How does Vault handle token revocation in HashiCorp Vault?
a. By deleting the token from the token store
b. By manually revoking the token through the CLI
c. By setting an expiration time for the token
d. Token revocation is not supported in Vault
Answer: b. By manually revoking the token through the CLI
27. What is the purpose of token helpers in HashiCorp Vault?
a. To automate token renewal
b. To manage token expiration policies
c. To generate random tokens
d. To handle token authentication
Answer: a. To automate token renewal
28. How does HashiCorp Vault handle secret versioning?
a. By automatically creating a new version for each secret update
b. By overwriting the existing secret with the updated value
c. By generating a new secret ID for each version
d. By encrypting the secret using a new algorithm for each version
Answer: a. By automatically creating a new version for each secret update
29. What is a seal in HashiCorp Vault?
a. A security measure to protect data in transit
b. A mechanism to lock down the Vault
c. An encryption key used for data encryption
d. A form of token
Answer: b. A mechanism to lock down the Vault
30. How does Vault handle disaster recovery in HashiCorp Vault?
a. By relying on redundant storage backends
b. By using a disaster recovery service provided by HashiCorp
c. By creating periodic backups
d. Disaster recovery is not supported in Vault
Answer: c. By creating periodic backups
31. What is the purpose of Vault agents in HashiCorp Vault?
a. To manage Vault authentication
b. To handle token expiration
c. To automate token renewal and leasing
d. To generate secret IDs
Answer: c. To automate token renewal and leasing
32. Which encryption mode does the Vault transit secret engine use?
a. AES-256
b. RSA-2048
c. GCM (Galois/Counter Mode)
d. DES (Data Encryption Standard)
Answer: c. GCM (Galois/Counter Mode)
Top comments (0)