A security team wants an almost untrusted process to move old transit ciphertext to the newest key version without ever seeing plaintext. Which operation should it allow?
This question requires Pro
Unlock all 8 questions in this certification
Written by certified professionals · Aligned to official exam objectives
View all Pro featuresMore Encryption as a Service Questions
8 questions
Full HashiCorp Certified: Vault Associate (003) Practice Test
All topics covered
All HashiCorp Certified: Vault Associate (003) Questions
Browse by topic
Related Questions
A developer uses the transit secrets engine to encrypt application data. Where is the plaintext stor...
A team rotates a transit encryption key and still needs previously encrypted data to remain readable...
An application sends plaintext to transit/encrypt/my-key through the HTTP API. Why must the plaintex...
An application stores transit ciphertext that begins vault:v3:. What does v3 identify?...
A team wants identical plaintext values with the same context to produce identical transit ciphertex...
Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy