exam questions

Exam Vault Associate 002 All Questions

View all questions & answers for the Vault Associate 002 exam

Exam Vault Associate 002 topic 1 question 46 discussion

Actual exam question from HashiCorp's Vault Associate 002
Question #: 46
Topic #: 1
[All Vault Associate 002 Questions]

A web application uses Vault’s transit secrets engine to encrypt data in-transit. If an attacker intercepts the data in transit, which of the following statements are true? (Choose two.)

  • A. You can rotate the encryption key so that the attacker won't be able to decrypt the data
  • B. The keys can be rotated and min_decryption_version moved forward to ensure this data cannot be decrypted
    B. The Vault administrator would need to seal the Vault server immediately
  • C. Even if the attacker was able to access the raw data, they would only have encrypted bits (TLS in transit)
Show Suggested Answer Hide Answer
Suggested Answer: AC 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
agueda
2 weeks, 6 days ago
Selected Answer: BC
B (first) and C A > if you just rotate the encryption key, the attacker could use previous version of the key to decrypt (if he had access to the keyring) B (second) > Sealing the Vault doesn't make sense. I f the attacker has the decryption key also, sealing the Vault wouldn't make a difference. The right approach is to rotate the key and move foward the min_decryption_version
upvoted 1 times
...
nginx_aws
2 months, 2 weeks ago
B and D
upvoted 1 times
...
3fac4ef
3 months, 3 weeks ago
B and C https://developer.hashicorp.com/vault/api-docs/secret/transit#min_decryption_version
upvoted 1 times
...
Mark1000
5 months ago
B(first) and C B(first): https://developer.hashicorp.com/vault/docs/secrets/transit C: https://developer.hashicorp.com/vault/tutorials/encryption-as-a-service/eaas-transit
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago