Encryption as a Service Questions
Practice questions for Encryption as a Service topic in HashiCorp Certified: Vault Associate (003). 8 questions covering this domain.
A team rotates a transit encryption key and still needs previously encrypted data to remain readable. Which statement is correct?
A developer uses the transit secrets engine to encrypt application data. Where is the plaintext stored after encryption?
A security team wants an almost untrusted process to move old transit ciphertext to the newest key version without ever seeing plaintext. Which operat...
An application sends plaintext to transit/encrypt/my-key through the HTTP API. Why must the plaintext be base64-encoded first?
An application stores transit ciphertext that begins vault:v3:. What does v3 identify?
A team wants identical plaintext values with the same context to produce identical transit ciphertext so database lookups remain possible. Which trans...
A team rotates a transit key named customer-data. What changes immediately after the rotate operation?
A migration service must update old transit ciphertext to the latest key version without ever seeing plaintext. Which operation should its policy allo...
Sign in to see all 8 questions
Create a free account to browse all questions — completely free during our launch phase.