HashiCorp Certified: Vault Associate (002) — Question 17

Which of these is not a benefit of dynamic secrets?

Answer options

• A. Supports systems which do not natively provide a method of expiring credentials
• B. Minimizes damage of credentials leaking
• C. Ensures that administrators can see every password used
• D. Replaces cumbersome password rotation tools and practices

Correct answer: C

Explanation

The correct answer is C because dynamic secrets do not provide visibility into every password used; instead, they generate temporary credentials that are automatically managed. Options A, B, and D highlight actual benefits of dynamic secrets, such as aiding systems without expiration methods, limiting the fallout from credential leaks, and simplifying password management processes.