GitHub-Advanced-Security試験無料問題集（77題）「GitHub Advanced Security GHAS 認定」

出題：1

What should you do after receiving an alert about a dependency added in a pull request?

A. Deploy the code to your default branch

B. Disable Dependabot alerts for all repositories owned by your organization

C. Fork the branch and deploy the new fork

D. Update the vulnerable dependencies before the branch is merged

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：2

When secret scanning detects a set of credentials on a public repository, what does GitHub do?

A. It scans the contents of the commits for additional secrets.

B. It displays a public alert in the Security tab of the repository.

C. It sends a notification to repository members.

D. It notifies the service provider who issued the secret.

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：3

Assuming that notification settings and Dependabot alert recipients have not been customized, which user account setting should you use to get an alert when a vulnerability is detected in one of your repositories?

A. Enable all in existing repositories

B. Enable by default for new public repositories

C. Enable all for Dependency graph

D. Enable all for Dependabot alerts

正解：D 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：4

Which of the following options would close a Dependabot alert?

A. Viewing the Dependabot alert on the Dependabot alerts tab of your repository

B. Viewing the dependency graph

C. Creating a pull request to resolve the vulnerability that will be approved and merged

D. Leaving the repository in its current state

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：5

Why should you dismiss a code scanning alert?

A. If there is a production error in your code

B. If you fix the code that triggered the alert

C. If it includes an error in code that is used only for testing

D. To prevent developers from introducing new problems

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：6

Assuming that notification and alert recipients are not customized, what does GitHub do when it identifies a vulnerable dependency in a repository where Dependabot alerts are enabled? (Each answer presents part of the solution. Choose two.)

A. It generates a Dependabot alert and displays it on the Security tab for the repository.

B. It consults with a security service and conducts a thorough vulnerability review.

C. It notifies the repository administrators about the new alert.

D. It generates Dependabot alerts by default for all private repositories.

正解：A,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：7

Which details do you have to provide to create a custom pattern for secret scanning? (Each answer presents part of the solution. Choose two.)

A. A list of repositories to scan

B. The secret format

C. The name of the pattern

D. Additional match requirements for the secret format

正解：B,C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

出題：8

Where can you find a deleted line of code that contained a secret value?

A. Insights

B. Issues

C. Commits

D. Dependency graph

正解：C 解答を投票する

解説: (GoShiken メンバーにのみ表示されます)

GitHub-Advanced-Security試験無料問題集「GitHub Advanced Security GHAS 認定」