HashiCorp Consul-Associate Practice Test : Free Online Preparation

Free HashiCorp Consul-Associate Exam Questions

Scenario: You have an application that uses Consul service discovery to connect to backend services in order to process data submitted by end-users. The front-end web

service consists of 3 containers, while the backend service consists of 5 static virtual machines. All of the front-end web servers and the backend servers are registered

During normal operations, a user complains that the data processing is taking too long. To troubleshoot, you run a DNS query against the DNS name for the backend

service, but discover that the response only contains three of the virtual machines. Why would Consul only respond with three servers rather than all five?

the response only included the three underutilized nodes

the DNS query must specify how many nodes to return in the response

You need to deny communication between the customer-db service and the payment service using an intention. You open the command line and issue the following

$ consul intention create customer-db payment

However, the two services can still initiate new connections even after the intention is created. What would explain this?

the mTLS certificates are both signed by the same CA, therefore the connectivity is permitted regardless of an intention

Stephen is using Consul for service discovery, but he also wants to store data in the Consul K/V for application variables that need to be retrieved at runtime. However,

the application is currently architected to read data directly from a local file, not from a remote K/V service like Consul.

What Consul feature can Stephen use to retrieve data from Consul without re-architecting the application?

You have created a new gossip encryption key using consul keygen and installed it using the command consul keyring -install

TX/1dsj67x/4XdTeSG1Cb5RdC/cbAbv9Hch4H8cL8nk=.

However, when you try and delete the original gossip encryption key, you receive an error. Based on the error message below, what steps need to be taken in order to be

able to remove the old gossip encryption key?

1. $ consul keyring -remove /d+jMNoQWICjMvddXJXzyGPDWiEOFgApvUJcuPRcves=

3. ==> Removing gossip encryption key...

4. error: Unexpected response code: 500 (12 errors occurred:

5. * WAN error: 5/5 nodes reported failure

6. * CONSUL-NODE-A.dc-1: Removing the primary key is not allowed

7. * CONSUL-NODE-C.dc-1: Removing the primary key is not allowed

8. * CONSUL-NODE-B.dc-1: Removing the primary key is not allowed

9. * CONSUL-NODE-D.dc-1: Removing the primary key is not allowed

10. * CONSUL-NODE-E.dc-1: Removing the primary key is not allowed

11. * dc-1 (LAN) error: 5/5 nodes reported failure

12. * CONSUL-NODE-E: Removing the primary key is not allowed

13. * CONSUL-NODE-A: Removing the primary key is not allowed

14. * CONSUL-NODE-D: Removing the primary key is not allowed

15. * CONSUL-NODE-B: Removing the primary key is not allowed

16. * CONSUL-NODE-C: Removing the primary key is not allowed

wait until the old key is invalidated by Consul based upon the configured validity date

the original gossip key on a Consul cluster cannot be deleted

Complete the sentence:

The main restriction on Consul's K/V store is an object's size, which can be a maximum of _______?

Free HashiCorp Consul-Associate Exam Questions

Try our Free Demo Practice Tests for Comprehensive Consul-Associate Exam Preparation