True or False: When encrypting data with the transit secrets engine, Vault always stores the ciphertext in a dedicated KV store along with the associated encryption key.

Posted by: Pdfprep Category: VA-002-P Tags: , ,

True or False: When encrypting data with the transit secrets engine, Vault always stores the ciphertext in a dedicated KV store along with the associated encryption key.
A . False
B . True

Answer: A

Explanation:

Vault doesn’t store the data sent to the secrets engine.

The transit secrets engine handles cryptographic functions on data-in-transit. It can also be viewed as "cryptography as a service" or "encryption as a service". The transit secrets engine can also sign and verify data; generate hashes and HMACs of data; and act as a source of random bytes.

Reference link: – https://www.vaultproject.io/docs/secrets/transit

Leave a Reply

Your email address will not be published.