Use this screenshot to answer the question below:

When are you shown these options in the GUI?
You are using the Vault userpass auth method mounted at auth/userpass. How do you create a new user named "sally" with password "h0wN0wB4r0wnC0w"? This new user will need the power-users policy.
What are orphan tokens?
Where does the Vault Agent store its cache?
How many Shamir's key shares are required to unseal a Vault instance?
To make an authenticated request via the Vault HTTP API, which header would you use?