A RetroSearch Logo

Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Search Query:

Showing content from https://developer.hashicorp.com/certifications/security-automation below:

Security Automation | HashiCorp Developer

HashiCorp Certified:

Vault Associate (003)

Product version tested:Vault 1.16

The Vault Associate 003 certification is for Cloud Engineers specializing in security, development, or operations who know the basic concepts, skills, and use cases associated with Vault. You will be best prepared for this exam if you have professional experience using Vault in production, but performing the exam objectives in a personal demo environment may be sufficient.

Assessment Type Multiple choice Format Online proctored Duration 1 hour Price $70.50 USD, plus locally applicable taxes and fees. Free retake not included. Language English Expiration 2 years 1 Authentication methods 1a Define the purpose of authentication methods 1b Choose an authentication method based on use case 1c Explain the difference between human vs. system authentication methods 1d Define the purpose of identities and groups 1e Authenticate to Vault using the API, CLI, and UI 1f Configure authentication methods using the API, CLI, and UI 2 Vault policies 2a Explain the value of Vault policies 2b Describe Vault policy syntax: path 2c Describe Vault policy syntax: capabilities 2d Choose a Vault policy based on requirements 2e Configure Vault policies using the UI and CLI 3 Vault tokens 3a Choose between service and batch tokens based on use case 3b Describe root token uses and lifecycle 3c Explain the purpose of token accessors 3d Explain the impact of time-to-live 3e Explain orphaned tokens 3f Describe how to create tokens based on need 4 Vault leases 4a Explain the purpose of a lease ID 4b Describe how to renew leases 4c Describe how to revoke leases 5 Secrets engines 5a Choose a secrets engine based on use case 5b Compare and contrast dynamic secrets vs. static secrets, and know their use cases 5c Describe the uses of transit secrets engine 5d Describe the purpose of secrets engines 5e Describe the use of response wrapping 5f Explain the value of short-lived, dynamically generated secrets 5g Enable secrets engines using the CLI, API*, and UI 5h Access Vault secrets using the CLI, API, and UI 6 Encryption as a service 6a Encrypt and decrypt secrets 6b Rotate the encryption key 7 Vault architecture fundamentals 7a Describe how Vault encrypts data 7b Explain how to seal and unseal Vault 7c Configure environment variables 8 Vault deployment architecture 8a Explain cluster strategy for self-managed and HashiCorp-managed Vault clusters 8b Explain the uses of storage backends 8c Explain the uses of Shamir secret sharing and unsealing 8d Explain the uses of disaster recovery and performance replication 8e Differentiate between self-managed and HashiCorp-managed Vault clusters 9 Access management architecture 9a Describe the Vault Agent 9b Describe the Vault Secrets Operator

* API was added to objective 5g and communicated to test-takers March 4 2025.

To renew your Vault Associate certification, you will need to take and pass either the Vault Associate 003 exam or the Vault Operations Professional exam.

If you hold an unexpired Vault Associate 002 certification: You can take the new (003) exam starting 18 months after your previous exam date. When you pass the exam, you will receive a new, separate set of credentials (badge and certificate) that reflect your recertification date. The expiration date of your Vault Associate 002 credentials will remain unchanged.

If you hold an unexpired Vault Associate 003 certification: You can retake the Vault Associate 003 exam starting 18 months after your previous exam date. When you pass the exam, the expiration date on your credentials will be extended.

You can also renew any unexpired Vault Associate certification by passing the Vault Operations Professional exam. This will extend the expiration date of your unexpired Vault Associate 002 or 003 certification and grant you professional-level credentials.

If you hold any expired Vault Associate certification: You are eligible to recertify at any time. When you pass the Vault Associate 003 exam, you will receive a new set of credentials with a new expiration date.

Learn more about recertification in our Knowledgebase.

Content differences between the 002 and 003 exams

Exam updates summary:

New topics covered in (003):

HashiCorp Certified:

Vault Operations Professional

Product version tested:Vault 1.16

The Vault Operations Professional certification is a lab-based exam for Cloud Engineers focused on deploying, configuring, managing, and monitoring HashiCorp Vault. You are well-qualified to take this exam if you hold the Vault Associate Certification (or equivalent knowledge), have experience operating Vault in production, and can evaluate Vault Enterprise functionality and use cases.

We strongly recommend passing the associate-level Vault exam before taking the professional-level exam. Practitioners who are already experienced with Vault operations in a production environment—and understand the concepts covered in the associate exam— may be able to successfully pass the professional-level exam.

Assessment Type Lab-based and multiple choice Format Online proctored Duration 4 hours; 15-minute break included Price $295 USD, plus locally applicable taxes and fees. Includes free retake. Language English Expiration 2 years 1 Create a working Vault server configuration given a scenario 1a Enable and configure secret engines 1b Practice production hardening 1c Auto unseal Vault 1d Implement integrated storage for Community and Enterprise Vault 1e Enable and configure authentication methods 1f Practice secure Vault initialization 1g Regenerate a root token 1h Rekey Vault and rotate encryption keys 2 Monitor a Vault environment 2a Monitor and understand Vault telemetry 2b Monitor and understand Vault audit logs 2c Monitor and understand Vault operational logs 3 Employ the Vault security model 3a Describe secure introduction of Vault clients 3b Describe the security implications of running Vault in Kubernetes 4 Build fault-tolerant Vault environments 4a Configure a highly available (HA) cluster 4b [Vault Enterprise] Enable and configure disaster recovery (DR) replication 4c [Vault Enterprise] Promote a secondary cluster 5 Understand the hardware security module (HSM) integration 5a [Vault Enterprise] Describe the benefits of auto unsealing with HSM 5b [Vault Enterprise] Describe the benefits and use cases of seal wrap (PKCS#11) 6 Scale Vault for performance 6a Use batch tokens 6b [Vault Enterprise] Describe the use cases of performance standby nodes 6c [Vault Enterprise] Enable and configure performance replication 6d [Vault Enterprise] Create a paths filter 7 Configure access control 7a Interpret Vault identity entities and groups 7b Write, deploy, and troubleshoot ACL policies 7c [Vault Enterprise] Understand Sentinel policies 7d [Vault Enterprise] Define control groups and describe their basic workflow 7e [Vault Enterprise] Describe and interpret multi-tenancy with namespaces 8 Configure Vault Agent 8a Securely configure auto-auth and token sink 8b Configure templating

This performance-based exam contains labs that must be completed in a virtual environment, and a shorter multiple-choice section. During the lab scenarios, exam-takers will be tested on performing real-world Vault operational tasks on the command line. The Vault UI and API can also be used where applicable, and exam-takers will have access to the Vault and Vault API documentation.

To renew your Vault Professional certification, you will need to take and pass the Vault Professional exam.

If you hold an unexpired Vault Professional certification: You can take the exam again starting 18 months after your previous exam date. When you pass the exam, the expiration date on your credentials will be extended.

If you hold an expired Vault Professional certification: You are eligible to recertify at any time. When you pass the exam again, you will receive a new, separate set of credentials with a new expiration date.

HashiCorp Certified:

Consul Associate (003)

Product version tested:Consul 1.15

The Consul Associate certification is for site reliability engineers (SREs), solutions architects (SAs), DevOps professionals, or other cloud engineers who know the basic concepts and skills to build, secure, and maintain Consul. You understand what Enterprise features exist and can differentiate between Consul Enterprise and Community Edition. You will be best prepared for this exam if you have professional experience using Consul in production, but performing the exam objectives in a personal demo environment may be sufficient.

Assessment Type Multiple choice Format Online proctored Duration 1 hour Price $70.50 USD, plus locally applicable taxes and fees. Free retake not included. Language English Expiration 2 years 1 Understand the pillars of service networking 1a Understand how Consul discovers, tracks, and monitors the health of services 1b Explain how Consul secures service to service communication 1c Summarize how Consul controls access to services at point of entry 1d Discuss how Consul automates networking tasks 2 Describe Consul architecture 2a Identify Consul datacenter components including agents and communication protocols 2b Review Consul server high availability & scalability options 2c Differentiate between server agents and data plane components (client agents and Consul Dataplane) 2d Understand that Consul can run on multiple platforms 3 Deploy a single datacenter 3a Configure, bootstrap, and start Consul server agents 3b Configure and start Consul client agents 3c Configure and start Consul on Kubernetes 3d Explain Consul agent join methods and behavior 4 Register services and use service discovery 4a Interpret a service registration 4b Differentiate between service registration methods 4c Understand service health check configuration options and behaviors 4d Query Consul's service catalog via CLI, API, UI, and/or DNS, and interpret the results 4e Interpret & use prepared queries 5 Use Consul service mesh 5a Consider high level architecture & key benefits of Consul service mesh 5b Understand Consul service mesh intentions & when to use them 5c Apply proxy configuration options within Consul service mesh 6 Secure agent communication 6a Understand Consul security/threat model 6b Differentiate certificate types needed for TLS encryption 6c Interpret TLS encryption settings & intended use 6d Configure gossip encryption 7 Secure services with basic access control lists (ACLs) 7a Understand Consul ACL system components and usage 7b Create and configure ACL policies and tokens 7c Use ACL tokens to communicate securely with Consul services and agents 8 Secure and connect service mesh applications 8a Use Consul gateways to securely connect and access services into, out of, and within the service mesh 8b Understand how to enable communication between multiple Consul datacenters 9 Monitor Consul 9a Describe Consul service mesh observability 9b Review Consul datacenter observability 10 Operate and maintain Consul 10a Manage Consul servers 10b Maintain Consul communications security 10c Backup and restore Consul cluster state 10d Understand Consul datacenter troubleshooting options

To renew any Consul Associate certification, you will need to take and pass the new Consul Associate 003 exam.

If you hold an unexpired Consul Associate 002 certification: You can take the new (003) exam starting 18 months after your previous exam date. When you pass the Consul Associate 003 exam to recertify, you will receive a new, separate set of credentials (badge and corresponding certificate) that will reflect your recertification date. The date of your credentials related to your Consul Associate 002 certification will not be updated.

If you hold an unexpired Consul Associate 003 certification: You can take the new exam starting 18 months after your previous exam date. When you pass the new exam, the expiration date on your credentials will be extended.

If you hold any expired Consul Associate certification: You are eligible to recertify at any time. When you pass the new exam, you will receive a new, separate set of credentials with a new expiration date.

Content Differences Between the 002 and 003 exams

We updated the Consul Associate 003 exam to account for how Condul has grown, and to accommodate future growth. The changes are primarily a reorganization and rewording of the 002 exam objectives. More significant changes are listed below.

(002) objectives NOT covered in (003) 4 Access the Consul key/value (KV) (002) objectives now covered within other objectives in (003) 1 Explain Consul Architecture 2 Deploy a single datacenter 7 Secure agent communication 9 Use gossip encryption NEW objectives in (003) 1c Summarize how Consul controls access to services at point of entry 1d Discuss how Consul automates networking tasks 2d Understand that Consul can run on multiple platforms 3c Configure and start Consul on Kubernetes 8 Secure and connect service mesh applications at scale 9 Monitor Consul

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4