Microsoft Azure

GitHub Advanced Security

GH-500

Prepare for the GH-500 exam to validate your knowledge in GitHub Advanced Security.

141 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 51–60 of 141

Q51

You are configuring Azure Policy for compliance. What happens when a new resource is created that violates an existing policy?

  • A Resource creation is denied
  • B Resource is tag compliant
  • C Policy is automatically updated
  • D Resource is placed in quarantine
Explanation Azure Policy denies the creation of non-compliant resources, while the other options are incorrect actions taken.
Q52

Which service enables automated code scanning for vulnerabilities?

  • A GitHub Advanced Security
  • B Azure DevOps
  • C Azure Monitor
  • D GitHub Actions
Explanation GitHub Advanced Security provides automated vulnerability scanning, while the others do not solely focus on security scanning.
Q53

A company needs to identify secrets in their GitHub repositories. What can they use to accomplish this?

  • A Secret scanning
  • B CodeQL
  • C Dependabot
  • D Actions Logs
Explanation Secret scanning specifically detects sensitive information like API keys in repositories, unlike the other options.
Q54

You are configuring policies for a GitHub repository. What happens when a branch protection rule is set?

  • A Direct pushes are allowed
  • B Pull requests requires reviews
  • C Commits are disabled
  • D Automatic deletion of branches
Explanation Branch protection rules typically require pull requests to have specific checks passed, while the other options contradict protection logic.
Q55

Which service in Azure provides advanced threat protection for GitHub repositories?

  • A Azure DevOps
  • B Azure Security Center
  • C GitHub Advanced Security
  • D Azure Sentinel
Explanation GitHub Advanced Security is designed specifically for security in GitHub repositories, while the others focus on broader Azure security.
Q56

A company needs to monitor its GitHub repositories for code vulnerabilities. What should they enable?

  • A Dependabot alerts
  • B GitHub Actions
  • C Code reviews
  • D Project boards
Explanation Dependabot alerts provide notifications about vulnerabilities in dependencies, while the other options do not monitor for vulnerabilities.
Q57

You are configuring branch protection rules in GitHub. What happens when a rule is set to require pull request reviews before merging?

  • A Automatically merges the pull request
  • B Blocks all direct pushes
  • C Requires a review from at least one user
  • D Allows merges without reviews
Explanation Requiring reviews means at least one approval is needed for merging, while the other options misrepresent branch protection rules.
Q58

Which service provides static application security testing in GitHub?

  • A GitHub Code Scanning
  • B Azure DevOps
  • C GitHub Actions
  • D GitHub Pages
Explanation GitHub Code Scanning is specifically designed for static application security testing, unlike the others.
Q59

A company needs to ensure secrets are not exposed in GitHub repositories. What should they implement?

  • A Branch Protection Rules
  • B Secret Scanning
  • C Code Quality Checks
  • D Pull Request Reviews
Explanation Secret Scanning identifies and prevents exposure of sensitive information, while the others focus on code quality.
Q60

You are configuring a workflow in GitHub Actions for deploying code. What happens when a workflow fails due to a syntax error?

  • A Workflow continues executing subsequent jobs
  • B Next workflow in the sequence runs
  • C Workflow fails, and no jobs execute
  • D Only non-syntax-related jobs run
Explanation A syntax error prevents the workflow from running any jobs, halting execution completely.