HashiCorp Certified: Vault Associate (002) — Question 31

As a best practice, the root token should be stored in which of the following ways?

Answer options

• A. Should be revoked and never stored after initial setup
• B. Should be stored in configuration automation tooling
• C. Should be stored in another password safe
• D. Should be stored in Vault

Correct answer: A

Explanation

The root token is highly sensitive and should be revoked immediately after its initial use to prevent unauthorized access. Storing it in configuration automation tooling, another password safe, or Vault poses unnecessary security risks, as it can be compromised if the storage system is breached.