Microsoft Azure

GitHub Advanced Security

GH-500

Prepare for the GH-500 exam to validate your knowledge in GitHub Advanced Security.

141 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 11–20 of 141

Q11

A company needs to ensure compliance with security policies in its GitHub repositories. Which feature should they enable?

  • A Dependabot Alerts
  • B Code Scanning
  • C Branch Protection Rules
  • D Issue Templates
Explanation Branch Protection Rules are vital for enforcing security policies; the other options are more focused on dependency management or issue tracking.
Q12

What happens when an Azure Policies compliance check fails?

  • A The resource is immediately deleted
  • B Notifications are sent only to IT teams
  • C The resource is marked as non-compliant
  • D All resources become compliant automatically
Explanation A failing compliance check results in the resource being marked as non-compliant, while the other options contain inaccurate consequences.
Q13

Which service helps monitor GitHub repositories for vulnerabilities?

  • A GitHub Advanced Security
  • B Azure DevOps
  • C CodeQL
  • D Azure Security Center
Explanation GitHub Advanced Security monitors repositories for vulnerabilities; the others do not specifically focus on GitHub.
Q14

A company needs to secure sensitive data in their GitHub repositories. What should they do?

  • A Use private repositories
  • B Increase repository visibility
  • C Avoid using branches
  • D Disable two-factor authentication
Explanation Using private repositories restricts access to sensitive data; the other options do not improve security.
Q15

What happens when a commit is made with secret credentials in GitHub?

  • A It is automatically removed
  • B It triggers an alert
  • C Nothing happens
  • D The repository is locked
Explanation GitHub scans for secrets in commits and can trigger an alert; other options are incorrect outcomes for secret detection.
Q16

Which service is used for automated security scanning in GitHub?

  • A GitHub Advanced Security
  • B Azure Data Lake
  • C Azure Monitor
  • D GitHub Actions
Explanation GitHub Advanced Security provides automated security scanning, while the others serve different purposes.
Q17

A company needs to implement code scanning in their CI/CD pipeline. What should they integrate?

  • A GitHub Dependabot
  • B Static Code Analysis
  • C Branch Protection
  • D GitHub Insights
Explanation Static Code Analysis tools specifically analyze code for vulnerabilities, while other options address different aspects of CI/CD.
Q18

You are configuring branch protection rules in GitHub. What happens when you enable 'require pull request reviews'?

  • A Automatic merges are allowed.
  • B No review required for changes.
  • C All changes must be reviewed.
  • D Merge conflicts are automatically resolved.
Explanation Enabling this option mandates that all changes receive reviews before merging, while the other options are incorrect based on this configuration.
Q19

Which service is used for monitoring GitHub repositories?

  • A GitHub Insights
  • B GitHub Security Alerts
  • C GitHub CodeQL
  • D GitHub Actions
Explanation GitHub Security Alerts monitors repositories for vulnerabilities; others serve different functions.
Q20

A company needs to restrict access to its GitHub repositories for specific IP ranges. What should they use?

  • A Branch Protection Rules
  • B IP Allow List
  • C Code Owners
  • D GitHub Actions
Explanation IP Allow List specifically limits access by IP ranges; others do not control IP access.