Vault leases Questions
Practice questions for Vault leases topic in HashiCorp Certified: Vault Associate (003). 16 questions covering this domain.
An operator requests a lease renewal with an increment of one hour. How should that increment be interpreted?
A candidate compares a key-value secret and a database credential generated by Vault. Which statement is accurate?
A security incident affects every temporary AWS credential issued from one Vault path. Which action revokes all of those leases most directly?
A developer receives a lease ID after reading dynamic credentials from Vault. What is the primary purpose of that lease ID?
What fact makes prefix-based lease revocation possible in Vault?
A team uses vault lease revoke on a lease and then tries to renew the same lease ID. What should they expect?
A support engineer has a lease ID and needs to renew or revoke it from the CLI. Which command family should they use?
Why does Vault require dynamic secrets to have a lease even when the credentials are intended to stay valid for a very long time?
An application reads a secret from the KV secrets engine and sees a lease_duration field in the output. What should the team assume?
A client requests vault lease renew -increment=3600, and the backend returns a 20-minute TTL. Which value should the client trust?
A service token created several dynamic database credentials. What happens to those leases if the token is revoked?
During an incident, operators need to revoke every credential issued from database/creds/payroll-app without touching other database roles. Which acti...
According to Vault lease concepts, which objects receive leases by default?
Why is a requested lease renewal increment rooted at the current time instead of the previous expiration time?
Why does Vault require dynamic secrets to have leases even if the underlying credential could theoretically remain valid for a long time?
During an incident, an operator revokes a leased AWS credential before its TTL ends. What should the application assume immediately after that revocat...
Sign in to see all 16 questions
Create a free account to browse all questions — completely free during our launch phase.