Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

When architecting a Vault replication configuration, why should you never terminate TLS on a front-end load balancer?

A.

If Vault detects that the traffic has been unencrypted and re-encrypted, due to the load balancer, it will automatically drop the traffic as it is no longer trusted.

B.

Vault generates self-signed mutual TLS for replication. If the LB is performing TLS termination, this will break the mutual TLS between nodes.

C.

Vault requires that only Consul service discovery can be used to direct traffic to an active Vault node.

D.

Vault replication won't work with the type of certificates that a traditional load balancer uses.

When registering a plugin with Vault, where would you configure the location where the binaries are located in order for Vault to properly register the plugin?

A.

in the Vault configuration file using plugin_directory=

B.

in the UI underneath the plugin tab

C.

in the plugin configuration file using directory=

D.

within the CLI command when registering a plug

Given the Terraform configuration below, in which order will the resources be created?

1. resource "aws_instance" "web_server" {

2. ami = "i-abdce12345"

3. instance_type = "t2.micro"

4. }

5. resource "aws_eip" "web_server_ip" {

6. vpc = true

7. instance = aws_instance.web_server.id

8. }

A.

aws_eip will be created first

aws_instance will be created second

B.

no resources will be created

C.

aws_instance will be created first

aws_eip will be created second

D.

resources will be created simultaneously

True or False? Each Terraform workspace uses its own state file to manage the infrastructure associated with that particular workspace.

A.

False

B.

True

Which of the following best describes the default local backend?

A.

The local backend stores state on the local filesystem locks the state using system APIs and performs operations locally.

B.

The local backend is the directory where resources deployed by Terraform have direct access to in order to update their current state

C.

The local backend is how Terraform connects to public cloud services, such as AWS, Azure, or GCP.

D.

The local backend is where Terraform Enterprise stores logs to be processed by a log collector

Which is not a capability that can be used when writing a Vault policy?

A.

read

B.

list

C.

delete

D.

create

E.

modify

F.

update

In regards to deploying resources in multi-cloud environments, what are some of the benefits of using Terraform rather than a provider's native tooling? (select three)

A.

Terraform simplifies management and orchestration, helping operators build large-scale, multi-cloud infrastructure

B.

Terraform can help businesses deploy applications on multiple clouds and on-premises infrastructure

C.

Terraform can manage cross-cloud dependencies

D.

Terraform is not cloud-agnostic and can be used to deploy resources across a single public cloud

Terraform has detailed logs which can be enabled by setting the _________ environmental variable.

A.

TF_LOG

B.

TF_TRACE

C.

TF_DEBUG

D.

TF_INFO

In the example below, the depends_on argument creates what type of dependency?

1. esource "aws_instance" "example" {

2. ami = "ami-2757f631"

3. instance_type = "t2.micro"

4. depends_on = [aws_s3_bucket.company_data]

5. }

A.

non-dependency resource

B.

implicit dependency

C.

explicit dependency

D.

internal dependency

What does the following API request return?

1. $ curl \

2. --header "X-Vault-Token: ..." \

3. --request POST \

4. --data @payload.json \

5. http://127.0.0.1:8200/v1/sys/tools/random/164

A.

a random string of 164 characters

B.

a random token valid for 164 uses

C.

None

D.

a secured secret based on 164 bytes of data