VAULT-ASSOCIATE-002 Question #23: Real Exam Question with Answer & Explanation

Question

An authentication method should be selected for a use case based on:

Options

• AThe auth method that best establishes the identity of the client
• BThe cloud provider for which the client is located on
• CThe strongest available cryptographic hash for the use case
• DCompatibility with the secret engine which is to be used

Explanation

The primary criterion for selecting a Vault authentication method is its ability to reliably establish and verify the identity of the client requesting access.

Common mistakes.

• B. While some auth methods are specific to cloud providers, the cloud provider itself is a factor in which identity can be established, not the primary decision driver for how identity is established in general.
• C. Cryptographic hash strength is relevant for secure password storage within some auth methods, but it's not the overarching criterion for selecting an entire authentication method.
• D. Auth methods and secret engines operate independently; a secret engine can be used with any authenticated client, so compatibility isn't a primary selection factor for the auth method itself.

Concept tested. Vault authentication method selection criteria

Reference. https://developer.hashicorp.com/vault/docs/auth

No community discussion yet for this question.