Online Access Free GitHub-Advanced-Security Practice Test

In a private repository, what minimum requirements does GitHub need to generate a dependencygraph? (Each answer presents part of the solution. Choose two.)

• A.Write access to the dependency manifest and lock files for an enterprise
• B.Dependency graph enabled at the organization level for all new private repositories
• C.Read-only access to the dependency manifest and lock files for a repository
• D.Read-only access to all the repository's files

Which details do you have to provide to create a custom pattern for secret scanning? (Each answer presents part of the solution. Choose two.)

• A.A list of repositories to scan
• B.The secret format
• C.Additional match requirements for the secret format
• D.The name of the pattern

Which of the following is the best way to prevent developers from adding secrets to the repository?

• A.Configure a security manager
• B.Enable push protection
• C.Make the repository public
• D.Create a CODEOWNERS file

Which of the following options would close a Dependabot alert?

• A.Viewing the dependency graph
• B.Leaving the repository in its current state
• C.Creating a pull request to resolve the vulnerability that will be approved and merged
• D.Viewing the Dependabot alert on the Dependabot alerts tab of your repository

What does a CodeQL database of your repository contain?

• A.A build for Go projects to set up the project
• B.A build of the code and extracted data
• C.Build commands for C/C++, C#, and Java
• D.A representation of all of the source code GitHub Agentic AI for AppSec Teams