VA-002-P Dumps
VA-002-P Braindumps VA-002-P Real Questions VA-002-P Practice Test
VA-002-P Actual Questions
HashiCorp Certified: Vault Associate
https://killexams.com/pass4sure/exam-detail/VA-002-P
Explanation:
The prefix -/+ means that Terraform will destroy and recreate the resource, rather than updating it in-place. Some attributes and resources can be updated in-place and are shown with the ~ prefix.
Question: 128
True or False:
Multiple providers can be declared within a single Terraform configuration file. A . False
B . True
Answer: B Explanation:
Multiple provider blocks can exist if a Terraform configuration is composed of multiple providers, which is a common situation. To add multiple providers in your configuration,
declare the providers, and create resources associated with those providers.
Question: 129
Which type of Vault replication copies all data from Vault, including K/V data, policies, and client tokens? A . DR replication
B . performance replication C . failover replication
D . online replication
Answer: A Explanation:
Vault Enterprise supports multi-datacenter deployment where you can replicate data across data centers for performance as well as disaster recovery.
In DR replication, secondary clusters do not forward service read or write requests until they are elevated and become a new primary.
DR replicated cluster will replicate all data from the primary cluster, including tokens. A performance replicated cluster, however, will not replicate the tokens from the primary, as the performance replicated cluster will generate its own client tokens for requests made directly to it.
In performance replication, secondaries keep track of their own tokens and leases but share the underlying configuration, policies, and supporting secrets (K/V values, encryption keys for transit, etc).
Note: Failover and Online replication, there is no such replication exist in hashicorp vault.
Check below links for more details:-https://www.vaultproject.io/docs/enterprise/replication https://learn.hashicorp.com/vault/operations/ops-disaster-recovery
Question: 130
Using multi-cloud and provider-agnostic tools provides which of the following benefits? (select two)
A . operations teams only need to learn and manage a single tool to manage infrastructure, regardless of where the infrastructure is deployed
B . slower provisioning speed allows the operations team to catch mistakes before they are applied C . can be used across major cloud providers and VM hypervisors
D . increased risk due to all infrastructure relying on a single tool for management
Answer: A,C Explanation:
Using a tool like Terraform can be advantageous for organizations deploying workloads across multiple public and private cloud environments. Operations teams only need to learn a single tool, single language, and can use the same tooling to enable a DevOps-like experience and workflows.
Question: 131
After executing a terraform apply, you notice that a resource has a tilde (~) next to it. What does this infer?
A . the resource will be destroyed and recreated
B . the resource will be created
C . Terraform can’t determine how to proceed due to a problem with the state file D . the resource will be updated in place
Answer: D Explanation:
The prefix -/+ means that Terraform will destroy and recreate the resource, rather than updating it in-place. Some attributes and resources can be updated in-place and are shown with the ~ prefix.
Question: 132
Which of the following allows Terraform users to apply policy as code to enforce standardized configurations for resources being deployed via infrastructure as code?
A . functions B . workspaces
C . module registry D . sentinel
Answer: D
Explanation:
Sentinel is an embedded policy-as-code framework integrated with the HashiCorp Enterprise products. It enables fine- grained, logic-based policy decisions, and can be extended to use information from external sources.
Question: 133
You have been given requirements to create a security group for a new application. Since your organization standardizes on Terraform, you want to add this new security group with the fewest number of lines of code.
What feature could you use to iterate over a list of required tcp ports to add to the new security group? A . terraform import
B . splat expression C . dynamic block
D . dynamic backend
Answer: C Explanation:
A dynamic block acts much like a for expression but produces nested blocks instead of a complex typed value. It iterates over a given complex value and generates a nested block for each element of that complex value.
Question: 134
Which three interfaces can be used to access Vault? (select three) A . JSON
B . CLI C . RPC D . UI E . API
F . Consul
Answer: B,D,E Explanation:
Vault has three interfaces available.
The API can be used by a user or application, the CLI can be used by a user directly on the Vault server or remotely, and the UI can be used if it’s been enabled in the configuration file.
Question: 135
What happens when a terraform plan is executed?
A . the backend is initialized and the working directory is prepped
B . creates an execution plan and determines what changes are required to achieve the desired state in the configuration files.
C . applies the changes required in the target infrastructure in order to reach the desired configuration
D . reconciles the state Terraform knows about with the real-world infrastructure
Answer: B Explanation:
The terraform plan command is used to create an execution plan. Terraform performs a refresh, unless explicitly disabled, and then determines what actions are necessary to
achieve the desired state specified in the configuration files.
After a plan has been run, it can be executed by running a terraform apply
Question: 136
}
A . this ensures that all Terraform providers are above a certain version to match the application being deployed B . the user wants to ensure that the application being deployed is a minimum version of 0.12
C . versions before Terraform 0.12 were not approved by HashiCorp to be used in production
D . Terraform 0.12 introduced substantial changes to the syntax used to write Terraform configuration
Answer: D Explanation:
You can use required_version to ensure that a user deploying infrastructure is using Terraform 0.12 or greater, due to the vast number of changes that were introduced. As a result, many previously written configurations had to be converted or rewritten.
Question: 137
The command vault lease revoke -prefix aws/ will revoke all leases associated with the secret engine mounted at aws/ A . False
B . True
Answer: B Explanation:
The lease command groups subcommands for interacting with leases attached to secrets. Subcommands:
renew Renews the lease of a secret revoke Revokes leases and secrets
Using the ‘-prefix’ flag allows you to revoke the entire tree of secrets.
6$03/( 48(67,216
7KHVH TXHVWLRQV DUH IRU GHPR SXUSRVH RQO\ )XOO YHUVLRQ LV XS WR GDWH DQG FRQWDLQV DFWXDO TXHVWLRQV DQG DQVZHUV
.LOOH[DPV FRP LV DQ RQOLQH SODWIRUP WKDW RIIHUV D ZLGH UDQJH RI VHUYLFHV UHODWHG WR FHUWLILFDWLRQ H[DP SUHSDUDWLRQ 7KH SODWIRUP SURYLGHV DFWXDO TXHVWLRQV H[DP GXPSV DQG SUDFWLFH WHVWV WR KHOS LQGLYLGXDOV SUHSDUH IRU YDULRXV FHUWLILFDWLRQ H[DPV ZLWK FRQILGHQFH +HUH DUH VRPH NH\ IHDWXUHV DQG VHUYLFHV RIIHUHG E\ .LOOH[DPV FRP
'PS .PSF FYBNT WJTJU IUUQT LJMMFYBNT DPN WFOEPST FYBN MJTU
.LOO \RXU H[DP DW )LUVW $WWHPSW *XDUDQWHHG