- (Topic 4)
You have enabled the Transit secrets engine on your Vault cluster to provide an "encryption as a service" service as your team develops new applications. What is a prime use case for the Transit secrets engine?

Correct Answer:A

- (Topic 3)
Vault operators can create two types of groups in Vault. What are the two types?

Correct Answer:AD

- (Topic 3)
You have ciphertext stored in an Amazon S3 bucket encrypted by the key named prod- customer. Will Vault decrypt this data with the command vault write transit/decrypt/prod- customer ciphertext="vault:v4:Xa1f9FIJtn13em/Wb7QCsXsU/kCOn7..." given this output?
✑ $ vault read transit/keys/prod-customer
✑ Key Value
✑ --- -----
✑ ...
✑ keys map[4:1549347108 5:1549347109 6:1549347110]
✑ latest_version 6
✑ min_available_version 0
✑ min_decryption_version 4
✑ min_encryption_version 0
Will Vault decrypt this data for you by running the following command?
✑ $ vault write transit/decrypt/prod-customer ciphertext="vault:v4:Xa1f9FIJtn13em/Wb7QCsXsU/kCOn7..."

Correct Answer:A

- (Topic 4)
You have enabled the Transit secrets engine and want to start encrypting data to store in Azure Blob storage. What is the next step that needs to be completed before you can encrypt data? (Select two)

Correct Answer:CD

- (Topic 1)
You??ve hit the URL for the Vault UI, but you??re presented with this screen. Why doesn??t Vault present you with a way to log in?

Correct Answer:B

- (Topic 2)
Which isnota capability that can be used when writing a Vault policy?

Correct Answer:B