Latest HCVA0-003 Practice Tests

Premium

HCVA0-003 Dumps - Full Mock Test

HashiCorp Certified: Vault Associate (003)Exam

285 Questions
120 MINUTES
2026-03-10 Updated

Full Access

QUESTION 46

- (Topic 3)
True or False? Once the lease for a dynamic secret has expired, Vault revokes the credentials on the backend platform for which they were created (i.e., database, AWS, Kubernetes).

A. True
B. False

Correct Answer: A

QUESTION 47

- (Topic 4)
Your organization uses a CI/CD pipeline to deploy its applications on Azure. During testing, you generate new credentials to validate Vault can create new credentials. The result of this command is below:
text CollapseWrapCopy
$ vault read azure/creds/bryan-krausen Key Value
--- -----
lease_id azure/creds/bryan-krausen/9eed0373-ca92-99b6-b914-779b7bb0e1d9 lease_duration 60m
lease_renewable true
client_id 532bf678-ee4e-6be1-116b-4e4221e445dd client_secret be60395b-4e6b-2b7e-a4b3-c449a5c00973
What commands can be used to revoke this secret after you have finished testing? (Select three)

A. vault lease revoke azure/
B. vault lease revoke -prefix azure/
C. vault lease revoke azure/creds/bryan-krausen/9eed0373-ca92-99b6-b914- 779b7bb0e1d9
D. vault lease revoke azure/creds/bryan-krausen
E. vault lease revoke -prefix azure/creds/bryan-krausen

Correct Answer: BCE

QUESTION 48

- (Topic 2)
Which of the following statements best describes the difference between static and dynamic credentials in a secrets management system?

A. They are functionally identical—the only difference is what secrets engine creates them.
B. Static credentials only apply to specific use cases, while dynamic credentials can be used everywhere.
C. Static credentials often remain persistent for long periods of time, while dynamic are short-lived and auto-rotated.
D. Static credentials are ephemeral and rotated frequently, while dynamic credentials remain unchanged indefinitely.

Correct Answer: C

QUESTION 49

- (Topic 5)
The key/value v2 secrets engine is enabled at secret/ See the following policy:
HCVA0-003 dumps exhibit
Which of the following operations are permitted by this policy? Choose two correct answers.

A. vault kv get secret/webapp1
B. vault kv put secret/webapp1 apikey-"ABCDEFGHI] K123M"
C. vault kv metadata get secret/webapp1
D. vault kv delete secret/super-secret
E. vault kv list secret/super-secret

Correct Answer: AC

QUESTION 50

- (Topic 2)
What is the result of the following Vault command?
$ vault auth enable kubernetes

A. Allows Vault to access usernames and passwords stored in a Kubernetes cluster
B. Mounts the Kubernetes auth method to the default path of kubernetes/
C. Imports Kubernetes secrets to the local KV database
D. Enables Vault to host an IdP for Kubernetes workloads

Correct Answer: B