Free Practice Questions for HashiCorp Vault Associate Certification
Study with 358 exam-style practice questions designed to help you prepare for the HashiCorp Vault Associate.
Start Practicing
Random Questions
Practice with randomly mixed questions from all topics
Domain Mode
Practice questions from a specific topic area
Quiz History
Exam Details
Key information about HashiCorp Vault Associate
Exam Topics & Skills Assessed
Skills measured (from the official study guide)
Domain 1: Authentication methods
Subdomain 1.1: Define the purpose of authentication methods
Define the purpose of authentication methods
Subdomain 1.2: Choose an authentication method based on use case
Choose an authentication method based on use case
Subdomain 1.3: Explain the difference between human & system authentication methods
Explain the difference between human & system authentication methods
Subdomain 1.4: Define the purpose of identities and groups
Define the purpose of identities and groups
Subdomain 1.5: Authenticate to Vault using the API, CLI, and UI
Authenticate to Vault using the API, CLI, and UI
Subdomain 1.6: Configure authentication methods using the API, CLI, and UI
Configure authentication methods using the API, CLI, and UI
Domain 2: Vault policies
Subdomain 2.1: Explain the value of Vault policies
Explain the value of Vault policies
Subdomain 2.2: Describe Vault policy: path
Describe Vault policy: path
Subdomain 2.3: Describe Vault policy: capabilities
Describe Vault policy: capabilities
Subdomain 2.4: Choose a Vault policy based on requirements
Choose a Vault policy based on requirements
Subdomain 2.5: Configure Vault policies using the UI and CLI
Configure Vault policies using the UI and CLI
Domain 3: Vault tokens
Subdomain 3.1: Choose between service and batch tokens based on use case
Choose between service and batch tokens based on use case
Subdomain 3.2: Describe root token uses and lifecycle
Describe root token uses and lifecycle
Subdomain 3.3: Explain the purpose of token accessors
Explain the purpose of token accessors
Subdomain 3.4: Explain the impact of time-to-live
Explain the impact of time-to-live
Subdomain 3.5: Explain orphaned tokens
Explain orphaned tokens
Subdomain 3.6: Describe how to create tokens based on need
Describe how to create tokens based on need
Domain 4: Vault leases
Subdomain 4.1: Explain the purpose of a lease ID
Explain the purpose of a lease ID
Subdomain 4.2: Describe how to renew leases
Describe how to renew leases
Subdomain 4.3: Describe how to revoke leases
Describe how to revoke leases
Domain 5: Secrets engines
Subdomain 5.1: Choose a secrets engine based on use case
Choose a secrets engine based on use case
Subdomain 5.2: Compare and contrast dynamic secrets vs. static secrets, know their use cases
Compare and contrast dynamic secrets vs. static secrets, know their use cases
Subdomain 5.3: Describe the uses of transit secrets engine
Describe the uses of transit secrets engine
Subdomain 5.4: Describe the purpose of secrets engines
Describe the purpose of secrets engines
Subdomain 5.5: Describe the use of response wrapping
Describe the use of response wrapping
Subdomain 5.6: Explain the value of short-lived, dynamic secrets
Explain the value of short-lived, dynamic secrets
Subdomain 5.7: Enable secrets engines using the API*, CLI, and UI
Enable secrets engines using the API*, CLI, and UI
Subdomain 5.8: Access Vault secrets using the CLI, API, and UI
Access Vault secrets using the CLI, API, and UI
Domain 6: Encryption as a Service
Subdomain 6.1: Encrypt and decrypt secrets
Encrypt and decrypt secrets
Subdomain 6.2: Rotate the encryption key
Rotate the encryption key
Domain 7: Vault architecture fundamentals
Subdomain 7.1: Describe how Vault encrypts data
Describe how Vault encrypts data
Subdomain 7.2: Explain how to seal and unseal Vault
Explain how to seal and unseal Vault
Subdomain 7.3: Configure environment variables
Configure environment variables
Domain 8: Vault deployment architecture
Subdomain 8.1: Explain cluster strategy for self-managed and HashiCorp-managed clusters
Explain cluster strategy for self-managed and HashiCorp-managed clusters
Subdomain 8.2: Explain the uses of storage backends
Explain the uses of storage backends
Subdomain 8.3: Explain the uses of Shamir secret sharing and unsealing
Explain the uses of Shamir secret sharing and unsealing
Subdomain 8.4: Explain the uses of disaster recovery and performance replication
Explain the uses of disaster recovery and performance replication.
- Performance replication - Disaster recovery - DR replication failover
Subdomain 8.5: Differentiate between self-managed and HashiCorp-managed Vault clusters
Differentiate between self-managed and HashiCorp-managed Vault clusters
Domain 9: Access management architecture
Subdomain 9.1: Describe the Vault Agent
Describe the Vault Agent
Subdomain 9.2: Vault Secrets Operator
Manage Kubernetes native secrets with the Vault Secrets Operator.
- Vault Secrets Operator - Encrypted client cache - Instant updates - Secret transformation
Techniques & products