VA-002-P Dumps
VA-002-P Braindumps VA-002-P Real Questions VA-002-P Practice Test
VA-002-P Actual Questions
HashiCorp Certified: Vault Associate
https://killexams.com/pass4sure/exam-detail/VA-002-P
Explanation:
The prefix -/+ means that Terraform will destroy and recreate the resource, rather than updating it in-place. Some attributes and resources can be updated in-place and are shown with the ~ prefix.
Question: 128
True or False:
Multiple providers can be declared within a single Terraform configuration file. A . False
B . True
Multiple provider blocks can exist if a Terraform configuration is composed of multiple providers, which is a common situation. To add multiple providers in your configuration,
declare the providers, and create resources associated with those providers.
Question: 129
Which type of Vault replication copies all data from Vault, including K/V data, policies, and client tokens? A . DR replication
B . performance replication C . failover replication
D . online replication
Vault Enterprise supports multi-datacenter deployment where you can replicate data across data centers for performance as well as disaster recovery.
In DR replication, secondary clusters do not forward service read or write requests until they are elevated and become a new primary.
DR replicated cluster will replicate all data from the primary cluster, including tokens. A performance replicated cluster, however, will not replicate the tokens from the primary, as the performance replicated cluster will generate its own client tokens for requests made directly to it.
In performance replication, secondaries keep track of their own tokens and leases but share the underlying configuration, policies, and supporting secrets (K/V values, encryption keys for transit, etc).
Note: Failover and Online replication, there is no such replication exist in hashicorp vault.
Check below links for more details:-https://www.vaultproject.io/docs/enterprise/replication https://learn.hashicorp.com/vault/operations/ops-disaster-recovery
Question: 130
Using multi-cloud and provider-agnostic tools provides which of the following benefits? (select two)
A . operations teams only need to learn and manage a single tool to manage infrastructure, regardless of where the infrastructure is deployed
B . slower provisioning speed allows the operations team to catch mistakes before they are applied C . can be used across major cloud providers and VM hypervisors
D . increased risk due to all infrastructure relying on a single tool for management
Using a tool like Terraform can be advantageous for organizations deploying workloads across multiple public and private cloud environments. Operations teams only need to learn a single tool, single language, and can use the same tooling to enable a DevOps-like experience and workflows.
Question: 131
After executing a terraform apply, you notice that a resource has a tilde (~) next to it. What does this infer?
A . the resource will be destroyed and recreated
B . the resource will be created
C . Terraform can’t determine how to proceed due to a problem with the state file D . the resource will be updated in place
The prefix -/+ means that Terraform will destroy and recreate the resource, rather than updating it in-place. Some attributes and resources can be updated in-place and are shown with the ~ prefix.
Question: 132
Which of the following allows Terraform users to apply policy as code to enforce standardized configurations for resources being deployed via infrastructure as code?
A . functions B . workspaces
C . module registry D . sentinel
Explanation:
Sentinel is an embedded policy-as-code framework integrated with the HashiCorp Enterprise products. It enables fine- grained, logic-based policy decisions, and can be extended to use information from external sources.
Question: 133
You have been given requirements to create a security group for a new application. Since your organization standardizes on Terraform, you want to add this new security group with the fewest number of lines of code.
What feature could you use to iterate over a list of required tcp ports to add to the new security group? A . terraform import
B . splat expression C . dynamic block
D . dynamic backend
A dynamic block acts much like a for expression but produces nested blocks instead of a complex typed value. It iterates over a given complex value and generates a nested block for each element of that complex value.
Question: 134
Which three interfaces can be used to access Vault? (select three) A . JSON
B . CLI C . RPC D . UI E . API
F . Consul
Vault has three interfaces available.
The API can be used by a user or application, the CLI can be used by a user directly on the Vault server or remotely, and the UI can be used if it’s been enabled in the configuration file.
Question: 135
What happens when a terraform plan is executed?
A . the backend is initialized and the working directory is prepped
B . creates an execution plan and determines what changes are required to achieve the desired state in the configuration files.
C . applies the changes required in the target infrastructure in order to reach the desired configuration
D . reconciles the state Terraform knows about with the real-world infrastructure
The terraform plan command is used to create an execution plan. Terraform performs a refresh, unless explicitly disabled, and then determines what actions are necessary to
achieve the desired state specified in the configuration files.
After a plan has been run, it can be executed by running a terraform apply
Question: 136
}
A . this ensures that all Terraform providers are above a certain version to match the application being deployed B . the user wants to ensure that the application being deployed is a minimum version of 0.12
C . versions before Terraform 0.12 were not approved by HashiCorp to be used in production
D . Terraform 0.12 introduced substantial changes to the syntax used to write Terraform configuration
You can use required_version to ensure that a user deploying infrastructure is using Terraform 0.12 or greater, due to the vast number of changes that were introduced. As a result, many previously written configurations had to be converted or rewritten.
Question: 137
The command vault lease revoke -prefix aws/ will revoke all leases associated with the secret engine mounted at aws/ A . False
B . True
The lease command groups subcommands for interacting with leases attached to secrets. Subcommands:
renew Renews the lease of a secret revoke Revokes leases and secrets
Using the ‘-prefix’ flag allows you to revoke the entire tree of secrets.