[Apr 14, 2026] Genuine GH-100 Exam Dumps Free Demo
Printable & Easy to Use GitHub Administrator GH-100 Dumps 100% Same Q&A In Your Real Exam
NEW QUESTION # 36
Which of the following are valid ways to pass data to a reusable workflow in a separate repository?
- A. Define the secrets in the reusable workflow's repository and reference the secret using the 'secrets' context.
- B. Define inputs in the reusable workflow and pass values from the calling workflow.
- C. Use environment variables to pass data directly to the reusable workflow.
- D. Define the secrets in the caller repository and call the reusable workflow using the 'secrets' keyword.
Answer: B,D
Explanation:
You declare namedinputs in the reusable workflow's on.workflow_call block and then pass values from the caller using thewithkeyword, allowing the called workflow to consume those parameters.
You define required secrets in the caller repository and supply them to the reusable workflow via thesecretskeyword in the workflow-call step, ensuring sensitive values are securely passed.
NEW QUESTION # 37
Which of the following accurately contrasts a GitHub App and a GitHub Action?
- A. GitHub Apps run only on GitHub-provided virtual machines, while GitHub Actions run only on customer-hosted machines
- B. GitHub Actions are limited to reading repository content only
- C. GitHub Actions can only be used to respond to events within a single repository while GitHub Apps can respond to events from multiple repositories
- D. GitHub Apps can only be used inside .github/workflows
Answer: C
Explanation:
GitHub Actions workflows are defined and triggered within a single repository's context, whereas GitHub Apps are installed at the organization or user level and can subscribe to events across multiple repositories.
NEW QUESTION # 38
What additional capability does secret scanning offer for private repositories on GitHub Enterprise Cloud?
- A. Allows custom pattern definitions for internal secret formats.
- B. Disables any code that contains a secret.
- C. Rewrites history to remove secrets.
- D. Revokes GitHub access tokens automatically.
Answer: A
Explanation:
Secret scanning in private repositories on GitHub Enterprise Cloud lets you define and use custom regular-expression patterns - so you can detect internal or proprietary secret formats beyond the default partner-provided types.
NEW QUESTION # 39
A token was used to access an organization's resource via API. What fields in the audit log help determine who used it?
- A. The GitHub Actions runner name
- B. The token expiration date
- C. The token's permissions and the geographic region of access
- D. The token ID, requesting IP address, and associated user
Answer: D
Explanation:
The audit log records the token's identifier (the hashed_token value), the source IP address of the request, and the actor (the user or app) associated with that token, allowing you to trace exactly who used it.
NEW QUESTION # 40
What needs to be done to ensure that only specific repositories can access the runners in an organization runner group?
- A. Configure repository access in the runner group settings.
- B. Add a label to the runner group.
- C. Configure the Actions Policies to "Only selected repositories".
- D. Use GitHub's meta API to configure access.
Answer: A
Explanation:
In the organization's runner group settings, switch the access from "All repositories" to "Selected repositories" and then explicitly choose which repos may use those runners.
NEW QUESTION # 41
Which of the following is true about outside collaborators in a GitHub organization?
- A. They inherit organization-wide policies, such as SSO requirements.
- B. They are granted explicit access to specific repositories.
- C. They appear in the organization's internal member list.
- D. They have access to all private repositories by default.
Answer: B
Explanation:
Outside collaborators aren't organization members; instead, they're granted explicit access - at read, write, or admin level - to only the repositories you choose.
NEW QUESTION # 42
You have subscribed to GitHub Premium Support, and you need to submit a support ticket. GitHub Premium Support can help you with:
- A. writing scripts.
- B. integrating with third-party applications.
- C. setting up hardware.
- D. installing GitHub Enterprise Server.
Answer: D
Explanation:
GitHub Premium Support includes assistance with installing and using GitHub Enterprise Server, ensuring your deployment is configured correctly and any installation issues are resolved.
NEW QUESTION # 43
Which of the following is a key benefit of using GitHub Marketplace Apps in an enterprise?
- A. They often include integrations with external services, reducing the need for custom code
- B. They guarantee no downtime during enterprise GitHub maintenance windows
- C. Apps eliminate the need for GitHub Actions entirely
- D. All apps come pre-approved by GitHub's internal security team
Answer: A
Explanation:
GitHub Marketplace Apps come with built-in integrations to external services - so you can plug in things like CI servers, code-quality scanners, or deployment tools without writing and maintaining custom connectors.
NEW QUESTION # 44
You need to create a support bundle for your GitHub Enterprise Server instance with the hostname ghe.avocado.corp. What command should you use to create a support bundle?
- A. ssh -p 122 [email protected] - 'ghe-diagnostics' > support-bundle.tgz
- B. ssh -p 122 [email protected] -- 'ghe-config generate-support-bundle' > support-bundle.tgz
- C. ssh -p 122 [email protected] -- 'ghe-support-bundle -o' > support-bundle.tgz
- D. curl -u admin https://ghe.avocado.corp/diagnostics/support-bundle.tgz -o
Answer: C
Explanation:
Run the ghe-support-bundle command over SSH on your appliance and redirect its output to a file. For example:
ssh -p 122 [email protected] -- 'ghe-support-bundle -o' > support-bundle.tgz This invokes the built-in support-bundle utility on your GitHub Enterprise Server instance and captures the resulting archive locally.
NEW QUESTION # 45
How does GitHub handle secrets found via secret scanning in a public repository?
- A. It alerts the service provider (e.g., AWS, Stripe).
- B. It immediately blocks the commit to protect the secret.
- C. It deletes the secret from the repository automatically.
- D. It notifies the admin via webhook.
Answer: A
Explanation:
When secret scanning detects a supported credential in a public repository, GitHub notifies the issuing service provider so they can revoke or rotate the exposed secret.
NEW QUESTION # 46
In a GitHub repository using Dependabot, which of the following best describes the purpose of the .github/dependabot.yml file?
- A. It encrypts dependency versions before storing them in the repo.
- B. It lists commit SHAs to exclude from automatic pull requests.
- C. It enables GitHub to scan for secrets in dependency files.
- D. It configures scheduling, package ecosystems, and target directories for update checks.
Answer: D
Explanation:
The .github/dependabot.yml file defines Dependabot's package-ecosystem, the directories to inspect, and the update schedule (daily/weekly/monthly), controlling when and where Dependabot checks for new versions.
NEW QUESTION # 47
An organization wants to share a single API key required for their Actions workflows. They need to restrict its use to only a subset of repositories. Where should they configure the secrets to minimize maintenance?
- A. Development environment secrets
- B. Repository secrets
- C. Environment secrets
- D. Organization secrets
Answer: D
Explanation:
By defining the API key as an organization secret, you centralize management and can grant access only to the subset of repositories you choose - eliminating per-repo duplication while enforcing the desired scope.
NEW QUESTION # 48
Which of the following correctly describes the difference between controlling actions at the enterprise level versus the organization level in GitHub?
- A. Enterprise policies configure mandatory settings for organizations.
- B. Enterprise policies can block specific actions, while organization policies can only enable or disable actions entirely.
- C. Enterprise policies and organization policies are independent, with organization policies taking precedence for repositories within the organization.
- D. Enterprise policies apply only to public repositories, while organization policies apply to public, internal, and private repositories.
Answer: A
Explanation:
Enterprise policies let you define and enforce mandatory settings across all member organizations - organization-level policies then operate within the options that the enterprise policy exposes.
NEW QUESTION # 49
When comparing a partner identity provider integration with a non-partner identity management solution for GitHub Enterprise Managed Users, which statement is Correct?
- A. The non-partner identity provider integrations require manual configuration of SAML 2.0 details.
- B. The partner identity provider integrations support fewer GitHub-supported authentication methods.
- C. The non-partner identity provider integrations can utilize OIDC for authentication.
- D. The partner identity provider integrations rely on the partner to support the application on the partner IdP.
Answer: A
Explanation:
Non-partner identity provider integrations require you to enter SAML2.0 configuration details by hand - such as the Sign-on URL, Issuer, and X.509 certificate - whereas partner IdPs supply a pre-configured application integration.
NEW QUESTION # 50
Which of the following is the responsibility of a Team Maintainer in a GitHub organization? (Choose two.)
- A. Adding or removing team members.
- B. Deleting repositories assigned to the team.
- C. Modifying organization-wide settings.
- D. Managing nested sub-teams.
Answer: A,D
Explanation:
Team maintainers can manage nested sub-teams - requesting to add or change parent/child teams within the organization's hierarchy.
Team maintainers have permission to add and remove members from their team, controlling day-to-day team membership.
NEW QUESTION # 51
You are an administrator and need to enforce a policy on forking private and internal repositories. Which options are available for configuring the policy at the enterprise level? (Each answer presents a complete solution. Choose three.)
- A. Disallow forking of private and internal repositories.
- B. Disallow repository owners from administering the setting at the repository level.
- C. Allow specific people or teams to fork private and internal repositories.
- D. Allow organization owners to administer the setting at the organization level.
- E. Allow people who have access to private and internal repositories to fork these repositories.
Answer: A,D,E
Explanation:
You can configure the enterprise policy toallow organization owners to administer the forking setting at the organization level, giving them control over how repos fork within their orgs.
You can choose toallow any user who already has access to a private or internal repo to fork it.
You can also set the policy tonever allow forkingof private or internal repositories across all organizations.
NEW QUESTION # 52
You need to contact GitHub Premium Support. What are valid reasons for submitting a support ticket? (Each answer presents a complete solution. Choose two.)
- A. outages on GitHub.com affecting core Git functionality
- B. license renewal
- C. hardware setup issues or errors
- D. business impact from security issues within your organization
Answer: A,D
Explanation:
Business-impact security issues (for example, a critical vulnerability affecting your organization) are classified as High-priority tickets and are covered under your Premium Support SLA.
Outages on GitHub.com that disrupt core Git or web application functionality trigger Urgent-priority responses under Premium Support's SLA.
NEW QUESTION # 53
What distinguishes Enterprise Managed Users (EMUs) from standard GitHub accounts?
- A. EMUs are managed in GitHub and use GitHub authentication
- B. EMUs are fully controlled by an IdP and cannot log in with personal credentials
- C. EMUs are only available for GitHub Enterprise Server
- D. EMUs can only be created using email invites
Answer: B
Explanation:
EMU accounts are provisioned and authenticated exclusively through your identity provider - users sign in via the IdP and cannot use or manage GitHub-native credentials.
NEW QUESTION # 54
You want to ensure a secret is automatically available to only workflows in internal and private repositories in the organization. Where do you configure the required access policy?
- A. Runner groups
- B. Rulesets
- C. Organization secret
- D. Actions policies
Answer: C
Explanation:
You set the access policy on the Organization Secret itself - configuring its visibility so it's scoped automatically to only internal and private repositories.
NEW QUESTION # 55
Which of the following is the responsibility of an Organization Owner in GitHub? (Choose three.)
- A. View and manage organization billing information.
- B. Manage organization settings, such as configuration and default permissions.
- C. Access repositories only if explicitly granted by a team maintainer.
- D. Create repositories without approval from other members.
Answer: A,B,D
Explanation:
Organization owners can view and edit billing information for the organization.
Organization owners may create new repositories in the organization without needing approval from other members.
Organization owners have full administrative control over organization settings, including configuring default repository permissions.
NEW QUESTION # 56
You are using GitHub-hosted runners and need to securely deploy to an internal system. The security team requires that these runners use IP address ranges that would not be shared with other companies. Which of the following approaches would meet their requirements?
- A. GitHub-hosted standard runners, using the IP addresses provided in "actions" from https://api.github.com/meta
- B. GitHub-hosted larger runners with Azure private networking
- C. GitHub-hosted larger runners with static IP addresses
- D. GitHub-hosted standard runners, using the IP addresses provided in "api" from https://api.github.com/meta
Answer: C
Explanation:
GitHub's larger runners let you reserve dedicated static IP addresses for your workflows - so you can allow-list those IPs in your firewall and be sure they aren't shared with any other tenant.
NEW QUESTION # 57
Why is a GitHub App preferred over a PAT for machine authentication?
- A. PATs support fewer GitHub APIs than Apps
- B. GitHub Apps are required to pass SAML assertions
- C. GitHub Apps have time-limited installation tokens with scoped access
- D. PATs cannot be used in GitHub Actions
Answer: C
Explanation:
GitHub Apps issue short-lived installation tokens that you scope to only the permissions and repositories your automation needs, reducing blast radius and automatically rotating credentials.
NEW QUESTION # 58
Which factor affects GitHub Actions pricing for GitHub-hosted runners on GitHub Enterprise Cloud?
- A. Number of contributors to the repository Explanation:Incorrect. Contributor count does not impact billing for Actions
- B. Operating system used in the runner environment
- C. Total number of repositories using Actions
- D. Number of workflows defined in .github/workflows/
Answer: B
Explanation:
GitHub Actions billing for GitHub-hosted runners is based on the number of minutes consumed and the operating system of the runner - Linux, Windows, and macOS each have different per-minute rates.
NEW QUESTION # 59
How does metered billing work in GitHub Enterprise Cloud with Enterprise Managed Users (EMU)?
- A. Billing is based on owners and members of GitHub organizations
- B. Billing is based on total users in the enterprise that are not dormant
- C. Billing is based on number of total users in the enterprise
- D. Billing is based on the number of users created in Azure AD
Answer: C
Explanation:
Billing for GitHub Enterprise Cloud under metered (usage-based) billing is calculated by the total number of Enterprise Managed Users (and other license-consuming accounts) in your enterprise - each EMU consumes a seat and contributes to the monthly bill.
NEW QUESTION # 60
Which Git operation is not included in the Git activity audit log?
- A. Push
- B. Fetch
- C. Delete branch
- D. Clone
Answer: C
Explanation:
Delete branch operations aren't tracked as Git-activity events; the Git activity audit log only records Git events such as clone, fetch (pull), and push.
NEW QUESTION # 61
......
Microsoft GH-100 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
GH-100 Practice Test Give You First Time Success with 100% Money Back Guarantee!: https://www.testsimulate.com/GH-100-study-materials.html