HashiCorpHashiCorp
VAULT-ASSOCIATE-002 · Question #24
VAULT-ASSOCIATE-002 Question #24: Real Exam Question with Answer & Explanation
Sign in or unlock VAULT-ASSOCIATE-002 to reveal the answer and full explanation for question #24. The question stem and answer options stay visible for context.
Submitted by ashley.k· Apr 18, 2026Secure Vault
Question
A web application uses Vault's transit secrets engine to encrypt data in-transit. If an attacker intercepts the data in transit, which of the following statements are true? (Choose two.)
Options
- AYou can rotate the encryption key so that the attacker won't be able to decrypt the data
- BThe keys can be rotated and min_decryption_version moved forward to ensure this data
- CThe Vault administrator would need to seal the Vault server immediately
- DEven if the attacker was able to access the raw data, they would only have encrypted bits (TLS in
Unlock VAULT-ASSOCIATE-002 to see the answer
You've previewed enough free VAULT-ASSOCIATE-002 questions. Unlock VAULT-ASSOCIATE-002 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Vault Transit Secrets Engine#Key Rotation#Vault Security Operations#Incident Response