The vault lease renew command increments the lease time from:
Which of the following statements are true about Vault policies? Choose two correct answers.
Answer : C, E
Vault does not need to be restarted in order for a policy change to take effect, as policies are stored and evaluated in memory. Any change to a policy is immediately reflected in the system, and any token or role that has that policy attached will be affected by the change.
You are performing a high number of authentications in a short amount of time. You're experiencing slow throughput for token generation. How would you solve this problem?
What command creates a secret with the key "my-password" and the value "53cr3t" at path "my-secrets" within the KV secrets engine mounted at "secret"?
Answer : A
The vault kv put command writes the data to the given path in the K/V secrets engine. The command requires the mount path of the K/V secrets engine, the secret path, and the key-value pair to store. The mount path can be specified with the -mount flag or as part of the secret path. The key-value pair can be given as an argument or read from a file or stdin. The correct syntax for the command is:
vault kv put -mount=secret my-secrets/my-password 53cr3t
or
vault kv put secret/my-secrets my-password=53cr3t
You are using the Vault userpass auth method mounted at auth/userpass. How do you create a new user named "sally" with password "h0wN0wB4r0wnC0w"? This new user will need the power-users policy.
A.
B.
C.
D.
Answer : D
To create a new user named ''sally'' with password ''h0wN0wB4r0wnC0w'' and the power-users policy, you would use the Vault userpass auth method mounted at auth/userpass. You would use the following command: ''vault write auth/userpass/users/sally password=h0wN0wB4r0wnC0w policies=power-users''. This command would create a new user named ''sally'' with the specified password and policy.Reference:
[Userpass Auth Method | Vault | HashiCorp Developer]
[Create Vault policies | Vault | HashiCorp Developer]