Microsoft GH-500 Exam Questions and Updated Info

Microsoft GH-500 Exam Dumps

Certification Exams

Downloadable PDF versions

100% Confidential

Updated Regularly

Advanced Features

Number Of Questions: 75

$59.00

Exam Details

Exam Name:

GitHub Advanced Security Exam

Exam Code:

GH-500

Total Questions in Exam:

Demo Questions

Q1. '-- [Configure and Use Code Scanning] After investigating a code scanning alert related to injection, you determine that the input is properly sanitized using custom logic. What should be your next step?

A.Draft a pull request to update the open-source query.

B. Ignore the alert.

C. Open an issue in the CodeQL repository.

D. Dismiss the alert with the reason 'false positive.'

Answer

Correct Answer: D

Q2. '-- [Configure and Use Secret Scanning] How many alerts are created when two instances of the same secret value are in the same repository?

A.1 B. 2

C. 3

D. 4

Answer

Correct Answer: A

Q3. '-- [Configure GitHub Advanced Security Tools in GitHub Enterprise] What role is required to change a repository's code scanning severity threshold that fails a pull request status check?

A.Maintain

B. Write

C. Triage

D. Admin

Answer

Correct Answer: D

Q4. '-- [Use Code Scanning with CodeQL] When using the advanced CodeQL code scanning setup, what is the name of the workflow file?

A.codeql-config.yml

B. codeql-scan.yml

C. codeql-workflow.yml

D. codeql-analysis.yml

Answer

Correct Answer: D

Q5. '-- [Configure and Use Dependency Management] In the pull request, how can developers avoid adding new dependencies with known vulnerabilities?

A.Enable Dependabot alerts.

B. Add Dependabot rules.

C. Add a workflow with the dependency review action.

D. Enable Dependabot security updates.

Answer

Correct Answer: C

Answer

$59.00

Reviews

There are no reviews yet.

Be the first to review “Microsoft GH-500 Exam Dumps”

Microsoft GH-500 Exam Dumps

Certification Exams

Downloadable PDF versions

100% Confidential

Updated Regularly

Advanced Features

Number Of Questions: 75

Exam Details

Demo Questions

Q1. '-- [Configure and Use Code Scanning] After investigating a code scanning alert related to injection, you determine that the input is properly sanitized using custom logic. What should be your next step?

A.Draft a pull request to update the open-source query.

B. Ignore the alert.

C. Open an issue in the CodeQL repository.

D. Dismiss the alert with the reason 'false positive.'

Q2. '-- [Configure and Use Secret Scanning] How many alerts are created when two instances of the same secret value are in the same repository?

A.1

B. 2

C. 3

D. 4

Q3. '-- [Configure GitHub Advanced Security Tools in GitHub Enterprise] What role is required to change a repository's code scanning severity threshold that fails a pull request status check?

A.Maintain

B. Write

C. Triage

D. Admin

Q4. '-- [Use Code Scanning with CodeQL] When using the advanced CodeQL code scanning setup, what is the name of the workflow file?

A.codeql-config.yml

B. codeql-scan.yml

C. codeql-workflow.yml

D. codeql-analysis.yml

Q5. '-- [Configure and Use Dependency Management] In the pull request, how can developers avoid adding new dependencies with known vulnerabilities?

A.Enable Dependabot alerts.

B. Add Dependabot rules.

C. Add a workflow with the dependency review action.

D. Enable Dependabot security updates.

Reviews

Quick Links

Contact Us