Free GitHub GitHub-Advanced-Security Exam Questions

Become GitHub Certified with updated GitHub-Advanced-Security exam questions and correct answers

Page: 1 / 60

Total 300 Questions | Updated On: Dec 16, 2025

Add To Cart

Question 1

When secret scanning detects a set of credentials on a public repository, what does GitHub do?

A : It notifies the service provider who issued the secret.

B : It displays a public alert in the Security tab of the repository.

C : It scans the contents of the commits for additional secrets.

D : It sends a notification to repository members.

Answer: A

Question 2

Which of the following statements most accurately describes push protection for secret scanning custom patterns?

A : Push protection must be enabled for all, or none, of a repository's custom patterns.

B : Push protection is an opt-in experience for each custom pattern.

C : Push protection is not available for custom patterns.

D : Push protection is enabled by default for new custom patterns.

Answer: B

Question 3

You are a maintainer of a repository and Dependabot notifies you of a vulnerability. Where could the vulnerability have been disclosed? (Each answer presents part of the solution. Choose two.)

A : In the National Vulnerability Database

B : In the dependency graph

C : In security advisories reported on GitHub

D : In manifest and lock files

Answer: A,C

Question 4

What is a security policy?

A : An automatic detection of security vulnerabilities and coding errors in new or modified code

B : A security alert issued to a community in response to a vulnerability

C : A file in a GitHub repository that provides instructions to users about how to report a security vulnerability

D : An alert about dependencies that are known to contain security vulnerabilities

Answer: C

Question 5