A. Limits the size of secrets to be transmitted over the network
B. Allow versioning of the secrets
C. It protects Vault's master key
D. Limits the time of secret exposure by having a short-lived wrapping token
E. Only the reference to the secrets is transmitted over the public network
A. Use local storage
B. Use snapshot
C. Enable audit device
D. Use external storage
A. Local replica of transit encryption key
B. Local key/value store
C. Auto-unseal Vault
D. Auto authentication
E. Secrets Cachin
A. True
B. False
A. Vault has an API that can be programmatically consumed by applications
B. The transit secrets engine relieves the burden of proper encryption/decryption from application developers and pushes the burden onto the operators of Vault
C. The transit secrets engine ensures encryption in-transit and at-rest is enforced enterprise wide
D. Encryption for application data is best handled by a storage system or database engine, while storing encryption keys in Vault
A. renew
B. create
C. revoke
D. describe
E. revoke -prefix
A. It does not have a max time-to-live (TTL)
B. It has a use limit
C. It is not persisted
D. It does not expire when its parent does
A. All key shares
B. A quorum of key shares
C. One or more keys
D. The threshold number of key shares
A. Fails due to missing -path parameter
B. Enables the transit secrets engine at secret path
C. Requires a root token to execute the command successfully
D. Enables the transit secrets engine at transit path
E. Fails because the transit secrets engine is enabled by default