Configure GitHub Advanced Security Tools in GitHub Enterprise

What role is required to change a repository's code scanning severity threshold that fails a pull request status check?

A. Maintain

B. Write

C. Triage

D. Admin

D. Admin

What is a security policy?

A. An automatic detection of security vulnerabilities and coding errors in new or modified code

B. A security alert issued to a community in response to a vulnerability

C. A file in a GitHub repository that provides instructions to users about how to report a security vulnerability

D. An alert about dependencies that are known to contain security vulnerabilities

C. A file in a GitHub repository that provides instructions to users about how to report a security vulnerability

If default code security settings have not been changed at the repository, organization, or enterprise level, which repositories receive Dependabot alerts?

A. Repositories owned by an enterprise account

B. Private repositories

C. None

D. Repositories owned by an organization

C. None

Assuming there is no custom Dependabot behavior configured, where possible, what does Dependabot do after sending an alert about a vulnerable dependency in a repository?

A. Creates a pull request to upgrade the vulnerable dependency to the minimum possible secure version

B. Scans repositories for vulnerable dependencies on a schedule and adds those files to a manifest

C. Constructs a graph of all the repository's dependencies and public dependents for the default branch

D. Scans any push to all branches and generates an alert for each vulnerable repository

A. Creates a pull request to upgrade the vulnerable dependency to the minimum possible secure version

Which of the following steps should you follow to integrate CodeQL into a third-party continuous integration system? (Each answer presents part of the solution. Choose three.)

A. Process alerts

B. Analyze code

C. Upload scan results

D. Install the CLI

E. Write queries

B. Analyze code
C. Upload scan results
D. Install the CLI

What is a prerequisite to define a custom pattern for a repository?

A. Change the repository visibility to Internal

B. Close other secret scanning alerts

C. Specify additional match criteria

D. Enable secret scanning

D. Enable secret scanning

Which of the following pieces of information can be found in a repository's Security tab?

A. Number of alerts per GHAS feature

B. Two-factor authentication (2FA) options

C. Access management

D. GHAS settings

A. Number of alerts per GHAS feature

Which of the following statements best describes secret scanning push protection?

A. Commits that contain secrets are blocked before code is added to the repository.

B. Secret scanning alerts must be closed before a branch can be merged into the repository.

C. Buttons for sensitive actions in the GitHub UI are disabled.

D. Users need to reply to a 2FA challenge before any push events.

A. Commits that contain secrets are blocked before code is added to the repository.

What does code scanning do?

A. It contacts maintainers to ask them to create security advisories if a vulnerability is found

B. It prevents code pushes with vulnerabilities as a pre-receive hook

C. It analyzes a GitHub repository to find security vulnerabilities

D. It scans your entire Git history on branches present in your GitHub repository for any secrets

C. It analyzes a GitHub repository to find security vulnerabilities

Which security feature shows a vulnerable dependency in a pull request?

A. Dependency graph

B. Dependency review

C. Dependabot alert

D. The repository's Security tab

B. Dependency review

GH-500 Practice Test
