HashiCorp Certified: Vault Associate (002) — Question 55

Which of the following is a reason to rekey a Vault cluster? (Choose two.)

Answer options

• A. A keyholder joins or leaves the organization
• B. Adding additional Vault nodes to a cluster
• C. The rook token is lost
• D. A compliance mandate to rotate the master key at a regular interval
• E. Upgrading Vault Community Edition to Vault Enterprise

Correct answer: A, D

Explanation

Rekeying a Vault cluster is necessary when a keyholder joins or leaves the organization (A), as it helps maintain security and access control. Additionally, a compliance mandate to regularly rotate the master key (D) ensures that security practices are upheld. The other options do not directly necessitate a rekeying action.