Microsoft Azure

GitHub Advanced Security

GH-500

Prepare for the GH-500 exam to validate your knowledge in GitHub Advanced Security.

141 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 91–100 of 141

Q91

Which service primarily protects code from vulnerabilities?

  • A GitHub Advanced Security
  • B Azure Firewall
  • C DevOps Insights
  • D Azure Key Vault
Explanation GitHub Advanced Security helps identify vulnerabilities in code, while others serve different roles.
Q92

A company needs to enforce compliance for code reviews. What should they implement?

  • A Branch protection rules
  • B Direct commits to master
  • C Private repositories
  • D Code owners file
Explanation Branch protection rules require pull request reviews before merging, ensuring compliance.
Q93

You are configuring workflow practices in a GitHub repository. What happens when you enable required status checks?

  • A All tests must pass to merge
  • B Only maintainers can merge
  • C Statuses can ignore failures
  • D Branches can merge without checks
Explanation Required status checks ensure all tests pass before merging, promoting code quality.
Q94

Which service helps manage secrets in GitHub Actions?

  • A GitHub Secrets
  • B GitHub Tokens
  • C GitHub Actions Library
  • D GitHub Environments
Explanation GitHub Secrets securely stores and manages sensitive information.
Q95

A company needs to enforce policy checks in their repositories. What should they implement?

  • A Branch Protection Rules
  • B GitHub Actions
  • C Code Owners
  • D GitHub API
Explanation Branch Protection Rules ensure compliance with set policies before merges occur.
Q96

You are configuring user permissions for a repository. What happens when a user is removed from a team?

  • A They retain access until manually revoked
  • B They lose all permissions instantly
  • C Access is disabled after one month
  • D They maintain read access only
Explanation Removing a user from a team immediately revokes their permissions to the repository.
Q97

Which service provides static code analysis in GitHub Actions?

  • A CodeQL
  • B Azure DevOps
  • C GitHub Pages
  • D Secrets Manager
Explanation CodeQL scans code for vulnerabilities; others don't focus on static analysis.
Q98

A company needs to enforce stricter code review processes in GitHub. What should they implement?

  • A Branch protection rules
  • B Webhooks
  • C API keys
  • D Personal access tokens
Explanation Branch protection rules enforce review requirements; others don't ensure code review.
Q99

You are configuring dependency scanning in GitHub. What happens when a vulnerability is detected?

  • A An issue is automatically created
  • B The repository is archived
  • C All branches are deleted
  • D No action is taken
Explanation An issue is created to inform maintainers; others don't effectively address vulnerabilities.
Q100

Which service is primarily used to scan GitHub repositories for code vulnerabilities?

  • A Dependabot
  • B CodeQL
  • C GitHub Actions
  • D GitHub Packages
Explanation CodeQL specifically scans for security vulnerabilities, while Dependabot focuses on dependency updates.