Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

True or False? When using the Terraform provider for Vault, the tight integration between these HashiCorp tools provides the ability to mask secrets in the terraform plan and state files.

A.

False

B.

True

In the example below, where is the value of the DNS record's IP address originating from?

1. resource "aws_route53_record" "www" {

2. zone_id = aws_route53_zone.primary.zone_id

3. name = "www.helloworld.com "

4. type = "A"

5. ttl = "300"

6. records = [module.web_server.instance_ip_addr]

7. }

A.

value of the web_server parameter from the variables.tf file

B.

the output of a module named web_server

C.

the regular expression named module.web_server

D.

by querying the AWS EC2 API to retrieve the IP address

When using providers that require the retrieval of data, such as the HashiCorp Vault provider, in what phase does Terraform actually retrieve the data required?

A.

terraform apply

B.

terraform plan

C.

terraform init

D.

terraform delete

You are deploying Vault in a local data center, but want to be sure you have a secondary cluster in the event the primary cluster goes offline. In the secondary data center, you have applications that are running, as they are architected to run active/active. Which type of replication would be best in this scenario?

A.

disaster recovery replication

B.

single-node replication

C.

performance replication

D.

end-to-end replication

Why is it a good idea to declare the required version of a provider in a Terraform configuration file?

1. terraform {

2. required_providers {

3. aws = "~> 1.0"

4. }

5. }

A.

to remove older versions of the provider

B.

to ensure that the provider version matches the version of Terraform you are using

C.

providers are released on a separate schedule from Terraform itself; therefore a newer version could introduce breaking changes

D.

to match the version number of your application being deployed via Terraform

Which TCP port does Vault use, by default, for its API and UI?

A.

8600

B.

8201

C.

8500

D.

8301

E.

8300

F.

8200

Which three interfaces can be used to access Vault? (select three)

A.

JSON

B.

CLI

C.

RPC

D.

UI

E.

API

F.

Consul

What is a downside to using a Terraform provider, such as the Vault provider, to interact with sensitive data, such as reading secrets from Vault?

A.

Terraform and Vault must be running on the same physical host

B.

Terraform and Vault must be running on the same version

C.

Terraform requires a unique auth method to work with Vault

D.

Secrets are persisted to the state file and plans

Which of the following Vault policies will allow a Vault client to read a secret stored at secrets/applications/app01/api_key?

A.

path "secrets/applications/+/api_*" {

capabilities = ["read"]

}

B.

path "secrets/applications/" {

capabilities = ["read"]

allowed_parameters = {

"certificate" = []

}

}

C.

path "secrets/*" {

capabilities = ["list"]

}

D.

path "secrets/applications/app01/api_key" {

capabilities = ["update", "list"]

}

Which of the following connection types are supported by the remote-exec provisioner? (select two)

A.

rdp

B.

smb

C.

ssh

D.

winrm