Free HCVA0-003 Exam Dumps

Question 81

- (Topic 4)
A large organization uses Vault for various use cases with multiple auth methods enabled. A user can authenticate via LDAP, OIDC, or a local userpass account, but they receive different policies for each method and often need to log out and back in for different actions. What can be configured in Vault to ensure users have consistent policies regardless of their authentication method?

A. Enable the SSH secrets engine and instruct the user to obtain credentials using the new secrets engine
B. Create a new entity and map the aliases from each of the available auth methods
C. Assign the default policy to the user's policy used by each auth method
D. Provide the user with an AppRole role-id and secret-id for authentication

Correct Answer:B

Question 82

- (Topic 3)
You have multiple Kubernetes pods that need frequent access to Vault to retrieve credentials for establishing connectivity to a backend database. You enable the Kubernetes auth method in Vault. What resource do you need to create within Kubernetes to complete this configuration?

A. Username and password for kubectl
B. k8s service account token
C. A Vault token for authentication
D. An AppRole role_id and secret_id

Correct Answer:B

Question 83

- (Topic 3)
When a lease is created, what actions can be performed by using only the lease ID? (Choose two)

A. Renew the lease
B. Revoke the lease
C. Extend the max TTL for the lease
D. Authenticate using the lease ID

Correct Answer:AB

Question 84

- (Topic 4)
True or False? Performing a rekey operation using the vault operator rekey command creates new unseal/recovery keys as well as a new root key?

A. True
B. False

Correct Answer:B

Question 85

- (Topic 5)
When creating a policy, an error was thrown:
HCVA0-003 dumps exhibit
Which statement describes the fix for this issue?

A. Replace write with create in the capabilities list
B. You cannot have a wildcard (" • ") in the path
C. sudo is not a capability

Correct Answer:A