Free GitHub GitHub-Advanced-Security Exam Dumps Questions & Answers

If notification and alert recipients are not customized, which users receive notifications about new Dependabot alerts in an affected repository?

• A.  Users with Maintain privileges to the repository
• B.  Users with Admin privileges to the repository
• C.  Users with Read permissions to the repository
• D.  Users with Write permissions to the repository

Which of the following secret scanning features can verify whether a secret is still active?

• A.  Push protection
• B.  Branch protection
• C.  Validity checks
• D.  Custom patterns

You have enabled security updates for a repository. When does GitHub mark a Dependabot alert as resolved for that repository?

• A.  When you dismiss the Dependabot alert
• B.  When you merge a pull request that contains a security update
• C.  When Dependabot creates a pull request to update dependencies
• D.  When the pull request checks are successful

Why should you dismiss a code scanning alert?

• A.  If there is a production error in your code
• B.  If it includes an error in code that is used only for testing
• C.  If you fix the code that triggered the alert
• D.  To prevent developers from introducing new problems

Assuming security and analysis features are not configured at the repository, organization, or enterprise level, secret scanning is enabled on:

• A.  Public repositories
• B.  User-owned private repositories
• C.  Private repositories
• D.  All new repositories within your organization