HashiCorpHashiCorp
VAULT-ASSOCIATE-002 · Question #49
VAULT-ASSOCIATE-002 Question #49: Real Exam Question with Answer & Explanation
The correct answer is A: It is one of the built-in policies. The 'default' policy is a built-in Vault policy automatically included with all tokens, providing a common baseline of permissions.
Submitted by amina.ke· Apr 18, 2026Understand Vault Concepts
Question
Which of the following statements are true about the default policy? (Choose two.)
Options
- AIt is one of the built-in policies
- BProvides a common set of permissions and is included on all tokens by default
- CCan not be modified or deleted
- DGives a super admin permissions, similar to a root user on a Linux machine
- EVault upgrade will overwrite any update you made to the policy
Explanation
The 'default' policy is a built-in Vault policy automatically included with all tokens, providing a common baseline of permissions.
Common mistakes.
- C. The
defaultpolicy can be modified, though it's generally not recommended, and it can also be deleted. - D. The
defaultpolicy does not provide super-admin permissions; it typically grants only basic, safe permissions like reading help and status endpoints. - E. Vault upgrades do not overwrite custom modifications to the
defaultpolicy, though modifying it is generally discouraged.
Concept tested. Vault default policy characteristics
Reference. https://developer.hashicorp.com/vault/docs/concepts/policies#built-in-policies
Topics
#Vault policies#Default policy#Built-in policies#Token permissions
Community Discussion
No community discussion yet for this question.