Free Microsoft GH-100 Practice Exam with Questions & Answers | Set: 2

Name: How to Pass GH-100 Exams
Brand: Examstrack
SKU: gh-100
Price: 46 USD
Availability: InStock

Questions 11

Which GitHub feature is responsible for tracking dependencies and known vulnerabilities in those dependencies from an advisory database?

Options:

Repository Insights

Dependency Graph

Security Policy

CodeQL

Microsoft GH-100 Premium Access

Questions 12

You discover that a secret (e.g., a token or password) was accidentally committed to a GitHub repository. What is the first step you should take to mitigate the risk?

Options:

Contact GitHub Support to remove the secret from all forks and clones of the repository.

Revoke and/or rotate the secret to render it unusable, then assess whether history rewriting is necessary.

Rewrite the repository history using git filter-repo or BFG Repo-Cleaner to remove the secret from all commits.

Delete the repository and create a new one to ensure the secret is no longer accessible.

Questions 13

You are using GitHub-hosted runners and need to securely deploy to an internal system. The security team requires that these runners use IP address ranges that would not be shared with other companies. Which of the following approaches would meet their requirements?

Options:

GitHub-hosted larger runners with Azure private networking

GitHub-hosted standard runners, using the IP addresses provided in "actions" from https://api.github.com/meta

GitHub-hosted standard runners, using the IP addresses provided in "api" from https://api.github.com/meta

GitHub-hosted larger runners with static IP addresses

Questions 14

What additional capability does secret scanning offer for private repositories on GitHub Enterprise Cloud?

Options:

Allows custom pattern definitions for internal secret formats.

Disables any code that contains a secret.

Rewrites history to remove secrets.

Revokes GitHub access tokens automatically.

Questions 15

How does metered billing work in GitHub Enterprise Cloud with Enterprise Managed Users (EMU)?

Options:

Billing is based on number of total users in the enterprise

Billing is based on owners and members of GitHub organizations

Billing is based on total users in the enterprise that are not dormant

Billing is based on the number of users created in Azure AD

Questions 16

Which of the following are valid ways to pass data to a reusable workflow in a separate repository?

Options:

Use environment variables to pass data directly to the reusable workflow.

Define inputs in the reusable workflow and pass values from the calling workflow.

Define the secrets in the caller repository and call the reusable workflow using the ‘secrets’ keyword.

Define the secrets in the reusable workflow's repository and reference the secret using the ‘secrets’ context.

Questions 17

Why would a GitHub App be favored over a machine account for automation tasks?

Options:

Machine accounts are required for webhook delivery.

GitHub Apps provide a higher rate limit ceiling than using a personal access token on a machine account, when they use an install token and are owned by a GitHub Enterprise Cloud licensed enterprise.

GitHub Apps are limited to a single repository.

Machine accounts are easier to audit than GitHub Apps.