Free GitHub GitHub-Advanced-Security Exam Questions

Question 1

Assuming that notification settings and Dependabot alert recipients have not been customized,which user account setting should you use to get an alert when a vulnerability is detected in one ofyour repositories?

A : Enable all in existing repositories

B : Enable by default for new public repositories

C : Enable all for Dependabot alerts

D : Enable all for Dependency graph

Answer: C

Question 2

What is a security policy?

A : An automatic detection of security vulnerabilities and coding errors in new or modified code

B : A security alert issued to a community in response to a vulnerability

C : A file in a GitHub repository that provides instructions to users about how to report a security vulnerability

D : An alert about dependencies that are known to contain security vulnerabilities

Answer: C

Question 3

When secret scanning detects a set of credentials on a public repository, what does GitHub do?

A : It notifies the service provider who issued the secret.

B : It displays a public alert in the Security tab of the repository.

C : It scans the contents of the commits for additional secrets.

D : It sends a notification to repository members.

Answer: A

Question 4

Assuming that notification settings and Dependabot alert recipients have not been customized,which user account setting should you use to get an alert when a vulnerability is detected in one ofyour repositories?

A : Enable all in existing repositories

B : Enable by default for new public repositories

C : Enable all for Dependabot alerts

D : Enable all for Dependency graph

Answer: C

Question 5

What does a CodeQL language matrix configuration involve?

A : Selecting the most used languages in the project

B : Prioritizing languages based on security risk

C : Balancing the load between different languages

D : Defining multiple languages to be analyzed

Answer: D