Exam2pass
0 items Sign In or Register
  • Home
  • IT Exams
  • Guarantee
  • FAQs
  • Reviews
  • Contact Us
  • Demo
Exam2pass > HashiCorp > HashiCorp Certifications > VA-002-P > VA-002-P Online Practice Questions and Answers

VA-002-P Online Practice Questions and Answers

Questions 4

Vault configuration files can be written in what languages? (select two)

A. XML

B. JSON

C. YAML

D. HCL

Buy Now

Correct Answer: BD

The Vault configuration file supports either JSON or HCL, which is HashiCorp Configuration Language

Questions 5

An administrator wants to create a new KV mount for individual users to maintain their own secrets but needs a way to simplify the policy so they don't need to write a new one for each new user? With the requirements listed below, what would such a policy look like? Requirement: Each user can perform all operations on their allocated key/value secret path

A. path "user-kv/data/{{identity.entity.name}}/*" { capabilities = [ "create", "update", "read", "delete", "list" ] }

B. path "user-kv/data/{{identity.entity.id.name}}/*" { capabilities = [ "create", "update", "read", "delete", "list" ] }

C. path "user-kv/data/{{identity.entity.aliases.<>.id}}/*" { capabilities = [ "create", "update", "read", "delete", "list" ] }

D. path "user-kv/data/{{user}}/*" { capabilities = [ "create", "update", "read", "delete", "list" ] }

Buy Now

Correct Answer: A

Everything in the Vault is path-based, and policies are no exception. Policies provide a declarative way to grant or forbid access to certain paths and operations in Vault. The policy template makes it very flexible to customize the environment. By using parameters within your template, you can have Vault "insert" a value into the path based upon things like identity values, group membership, and metadata associated with either the user's identity or group they are a member of. Using the parameter, the path user-kv/data/{{identity.entity.name}}/* converts to user- kv/data/student01/*

Questions 6

You are deploying Vault in a local data center, but want to be sure you have a secondary cluster in the event the primary cluster goes offline. In the secondary data center, you have applications that are running, as they are architected to run active/active. Which type of replication would be best in this scenario?

A. disaster recovery replication

B. single-node replication

C. performance replication

D. end-to-end replication

Buy Now

Correct Answer: C

In this scenario, the key to answering is that there are applications actively running the secondary data center. Because of this, you can deploy Performance Replication and the applications can now use the Vault cluster in their respective data center. This reduces network latency for your applications and provides you with a secondary cluster for redundancy.

Questions 7

After enabling the vault to autocomplete feature, you type vault and press the tab button, but nothing happens. Why doesn't vault display the available completions?

1.

$ vault -autocomplete-install

2.

$ vault

A. your SSH client doesn't support autocompletion

B. the SSH session needs to be restarted upon installation

C. you don't have the permissions to use autocomplete

D. you didn't use -force when enabling the feature

Buy Now

Correct Answer: B

Be sure to restart your shell after installing autocompletion!

Questions 8

What is the proper command to enable the AWS secrets engine at the default path?

A. vault enable secrets aws

B. vault secrets aws enable

C. vault secrets enable aws

D. vault enable aws secrets engine

Buy Now

Correct Answer: C

The command format for enabling Vault features is vault , therefore the correct answer would be vault secrets enable aws

Questions 9

Select two answers to complete the following sentence:

Before a new provider can be used, it must be ______ and _______.

A. approved by HashiCorp

B. declared in the configuration

C. initialized

D. uploaded to source control

Buy Now

Correct Answer: BC

Each time a new provider is added to configuration -- either explicitly via a provider block or by adding a resource from that provider -- Terraform must initialize the provider before it can be used. Initialization downloads and installs the provider's plugin so that it can later be executed.

Questions 10

What are some of the problems of how infrastructure was traditionally managed before Infrastructure as Code? (select three)

A. Requests for infrastructure or hardware required a ticket, increasing the time required to deploy applications

B. Traditional deployment methods are not able to meet the demands of the modern business where resources tend to live days to weeks, rather than months to years

C. Traditionally managed infrastructure can't keep up with cyclic or elastic applications

D. Pointing and clicking in a management console is a scalable approach and reduces human error as businesses are moving to a multi-cloud deployment model

Buy Now

Correct Answer: ABC

Businesses are making a transition where traditionally-managed infrastructure can no longer meet the demands of today's businesses. IT organizations are quickly adopting the public cloud, which is predominantly API-driven. To meet customer demands and save costs, application teams are architecting their applications to support a much higher level of elasticity, supporting technology like containers and public cloud resources. These resources may only live for a matter of hours; therefore the traditional method of raising a ticket to request resources is no longer a viable option Pointing and clicking in a management console is NOT scale and increases the change of human error.

Questions 11

Select the answer below that completes the following statement: Terraform Cloud can be managed from the CLI but requires __________?

A. a TOTP token

B. a username and password

C. authentication using MFA

D. an API token

Buy Now

Correct Answer: D

API and CLI access are managed with API tokens, which can be generated in the Terraform Cloud UI. Each user can generate any number of personal API tokens, which allow access with their own identity and permissions. Organizations and teams can also generate tokens for automating tasks that aren't tied to an individual user.

Questions 12

Which of the following is not a valid Terraform string function?

A. tostring

B. replace

C. format

D. join

Buy Now

Correct Answer: A

tostring is not a string function, it is a type conversion function. tostring converts its argument to a string value. https://www.terraform.io/docs/configuration/functions/tostring.html

Questions 13

The Terraform language supports a number of different syntaxes for comments. Select all that are supported. (select three)

A. #

B. /* and */

C. <* and *>

D. //

Buy Now

Correct Answer: ABD

Terraform supports the #, //, and /*..*/ for commenting Terraform configuration files. Please use them when writing Terraform so both you and others who are using your code have a full understanding of what the code is intended to do. https://www.terraform.io/docs/configuration/syntax.html#comments

Exam Code: VA-002-P
Exam Name: HashiCorp Certified: Vault Associate
Last Update: Jul 03, 2025
Questions: 257

PDF (Q&A)

$45.99
ADD TO CART

VCE

$49.99
ADD TO CART

PDF + VCE

$59.99
ADD TO CART

Exam2Pass----The Most Reliable Exam Preparation Assistance

There are tens of thousands of certification exam dumps provided on the internet. And how to choose the most reliable one among them is the first problem one certification candidate should face. Exam2Pass provide a shot cut to pass the exam and get the certification. If you need help on any questions or any Exam2Pass exam PDF and VCE simulators, customer support team is ready to help at any time when required.

Home | Guarantee & Policy |  Privacy & Policy |  Terms & Conditions |  How to buy |  FAQs |  About Us |  Contact Us |  Demo |  Reviews

2025 Copyright @ exam2pass.com All trademarks are the property of their respective vendors. We are not associated with any of them.