Microsoft Azure

GitHub Advanced Security

GH-500

Prepare for the GH-500 exam to validate your knowledge in GitHub Advanced Security.

141 questions 0 views Free
Start Mock Test Timed · Full-length · Scored

Questions 71–80 of 141

Q71

A company needs to prevent leaked secrets in their code. What should they implement?

  • A Secret Scan
  • B Resource Locks
  • C Network Security Groups
  • D Static Code Analysis
Explanation Secret Scan detects and alerts on leaked secrets, whereas others serve different security purposes.
Q72

You are configuring GitHub's branch protection rules. What happens when the 'Require status checks to pass before merging' option is enabled?

  • A All pull requests will be automatically merged
  • B Branches cannot be deleted without checks
  • C Merging requires successful status checks
  • D Pull requests can only target main branch
Explanation Enabling this feature mandates successful checks for merging, while others do not affect merge conditions.
Q73

Which service provides anomaly detection for GitHub actions?

  • A CodeQL
  • B Dependabot
  • C Secret scanning
  • D Advanced Security
Explanation Advanced Security provides anomaly detection for GitHub actions, while others serve different purposes.
Q74

A company needs to ensure secrets are not leaked through code. What should they enable?

  • A Dependency Graph
  • B Secret scanning
  • C Code review
  • D Issues tracking
Explanation Secret scanning detects and prevents secret leaks in code, unlike the other options.
Q75

You are configuring a GitHub repository with security policies. What happens when a policy fails?

  • A All workflows are paused.
  • B The commit is rejected.
  • C Notified users receive alerts.
  • D Workflows run but are graded bad.
Explanation A policy failure results in rejection of the commit as a protective measure, while other options are inaccurate.
Q76

Which service integrates with Azure DevOps for static code analysis?

  • A GitHub Advanced Security
  • B Azure Functions
  • C Azure Logic Apps
  • D Azure Monitor
Explanation GitHub Advanced Security provides static code analysis, while the others serve different purposes.
Q77

A company needs to ensure their repositories are checked for secrets. What should they enable?

  • A Dependency scanning
  • B Secret scanning
  • C Code coverage
  • D Performance monitoring
Explanation Secret scanning helps to identify sensitive information in code, unlike the other options.
Q78

You are configuring branch protection rules in GitHub. What happens if a rule is enforced?

  • A All users can bypass it
  • B Only admins can commit
  • C Pull requests must be reviewed
  • D Commits can be pushed directly
Explanation Enforced rules require pull requests to be reviewed, while other options suggest different commit behaviors.
Q79

Which service provides identity and access management in Azure?

  • A Azure Active Directory
  • B Azure DevOps
  • C Azure Functions
  • D Azure Storage
Explanation Azure Active Directory manages identities; others do not focus on access management.
Q80

A company needs visibility into security vulnerabilities in their GitHub repositories. Which feature should they use?

  • A Dependabot Alerts
  • B Projects
  • C Issues
  • D Actions
Explanation Dependabot Alerts identify vulnerabilities; others do not focus on security analysis.