Question 1mediummultiple choice
Read the full NAT/PAT explanation →VA-003 Explain encryption as a service • Complete Question Bank
Complete VA-003 Explain encryption as a service question bank — all 0 questions with answers and detailed explanations.
Refer to the exhibit. ``` $ vault write -f transit/keys/payment-key Success! Data written to: transit/keys/payment-key $ vault write transit/encrypt/payment-key plaintext=$(base64 <<< "4111111111111111") Key Value --- ----- ciphertext vault:v1:abc123... $ vault write -f transit/keys/payment-key/rotate Success! Data written to: transit/keys/payment-key/rotate $ vault write transit/encrypt/payment-key plaintext=$(base64 <<< "4111111111111111") Key Value --- ----- ciphertext vault:v2:def456... $ vault write transit/decrypt/payment-key ciphertext=vault:v1:abc123... Key Value --- ----- plaintext NDExMTExMTExMTExMTExMQ== ```
Drag steps to the numbered slots on the right, or tap a step then tap a slot.
Drag a concept onto its matching description — or click a concept then click the description.
Lifetime of the wrapping token
Single-use token to unwrap response
Token-scoped storage for wrapped data
Retrieve the original response
$ vault write -address=https://vault.example.com -field=ciphertext transit/encrypt/my-key plaintext=$(base64 <<< "secret data")
path "transit/keys/*" {
capabilities = ["create", "read", "update", "delete", "list"]
}
path "transit/encrypt/*" {
capabilities = ["update"]
}
path "transit/decrypt/*" {
capabilities = ["update"]
}$ vault read transit/keys/my-key Key Value --- ----- allow_plaintext_backup false deletion_allowed false derived false exportable false keys map[1:...] latest_version 2 min_available_version 0 min_decryption_version 1 min_encryption_version 0 name my-key supports_encryption true supports_decryption true supports_derivation true supports_key_rotation true type aes256-gcm96
{
"request_id": "1",
"data": {
"allow_plaintext_backup": false,
"deletion_allowed": false,
"derived": false,
"exportable": false,
"keys": {
"1": {
"creation_time": "2023-01-01T00:00:00Z",
"name": "mykey"
},
"2": {
"creation_time": "2023-06-01T00:00:00Z",
"name": "mykey"
}
},
"latest_version": 2,
"min_encryption_version": 0,
"min_decryption_version": 1,
"name": "mykey"
}
}path "transit/keys/mykey" {
capabilities = ["create", "update", "delete"]
}
path "transit/keys/mykey/rotate" {
capabilities = ["update"]
}
path "transit/encrypt/mykey" {
capabilities = ["create", "update"]
}
path "transit/decrypt/mykey" {
capabilities = ["create", "update"]
}Error making API request. URL: POST http://vault.example.com/v1/transit/decrypt/mykey Code: 400. Errors: * invalid ciphertext: invalid base64 string