Free GitHub Advanced Security GHAS Exam GitHub-Advanced-Security Exam Practice Test

– [Configure GitHub Advanced Security Tools in GitHub Enterprise]Which of the following Watch settings could you use to get Dependabot alert notifications? (Each answer presents part of the solution. Choose two.)

• The Custom setting
• The Participating and @mentions setting
• The All Activity setting
• The Ignore setting

– [Use Code Scanning with CodeQL]Where can you use CodeQL analysis for code scanning? (Each answer presents part of the solution. Choose two.)

• In a third-party Git repository
• In a workflow
• In an external continuous integration (CI) system
• In the Files changed tab of the pull request

– [Describe GitHub Advanced Security Best Practices]As a contributor, you discovered a vulnerability in a repository. Where should you look for the instructions on how to report the vulnerability?

• support.md
• readme.md
• contributing.md
• security.md

[Configure and Use Dependency Management]A repository's dependency graph includes:

• Dependencies parsed from a repository's manifest and lock files.
• Annotated code scanning alerts from your repository's dependencies.
• A summary of the dependencies used in your organization's repositories.
• Dependencies from all your repositories.

– [Configure and Use Secret Scanning]What is the first step you should take to fix an alert in secret scanning?

• Archive the repository.
• Update your dependencies.
• Revoke the alert if the secret is still valid.
• Remove the secret in a commit to the main branch.

– [Configure GitHub Actions Workflows]As a repository owner, you do not want to run a GitHub Actions workflow when changes are made to any .txt or markdown files. How would you adjust the event trigger for a pull request that targets the main branch? (Each answer presents part of the solution. Choose three.)on:pull_request:branches: [main]

• - '/*.md'
• - '/*.txt'
• paths:
• paths-ignore:
• - 'docs/*.md'

– [Use Code Scanning with CodeQL]As a developer with write access, you navigate to a code scanning alert in your repository. When will GitHub close this alert?

• After you triage the pull request containing the alert
• When you use data-flow analysis to find potential security issues in code
• After you find the code and click the alert within the pull request
• After you fix the code by committing within the pull request

[Configure and Use Secret Scanning]Which patterns are secret scanning validity checks available to?

• High entropy strings
• Custom patterns
• Partner patterns
• Push protection patterns

– [Configure and Use Dependency Management]Which key is required in the update settings of the Dependabot configuration file?

• rebase-strategy
• commit-message
• assignees
• package-ecosystem

[Configure and Use Secret Scanning]Where in the repository can you give additional users access to secret scanning alerts?

• Security
• Settings
• Secrets
• Insights