GitHub Advanced Security GHAS Exam (GitHub-Advanced-Security) Free Practice Test

Question 1

Where can you find a deleted line of code that contained a secret value?

A. Issues

B. Dependency graph

C. Insights

D. Commits

Correct Answer: D

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 2

What do you need to do before you can define a custom pattern for a repository?

A. Provide match requirements for the secret format.Stack Overflow

B. Add a secret scanning custom pattern.

C. Provide a regular expression for the format of your secret pattern.

D. Enable secret scanning on the repository.

Correct Answer: D

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 3

If notification and alert recipients are not customized, which users receive notifications about new Dependabot alerts in an affected repository?

A. Users with Write permissions to the repository

B. Users with Read permissions to the repository

C. Users with Maintain privileges to the repository

D. Users with Admin privileges to the repository

Correct Answer: A

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 4

Which key is required in the update settings of the Dependabot configuration file?

A. commit-message

B. rebase-strategy

C. package-ecosystem

D. assignees

Correct Answer: C

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 5

When does Dependabot alert you of a vulnerability in your software development process?

A. When Dependabot opens a pull request to update a vulnerable dependency

B. When a pull request adding a vulnerable dependency is opened

C. As soon as a pull request is opened by a contributor

D. As soon as a vulnerable dependency is detected

Correct Answer: D

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 6

When using CodeQL, what extension stores query suite definitions?

A. .qll

B. .qls

C. .ql

D. .yml

Correct Answer: B

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 7

What is a prerequisite to define a custom pattern for a repository?

A. Specify additional match criteria

B. Enable secret scanning

C. Change the repository visibility to Internal

D. Close other secret scanning alerts

Correct Answer: B

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Question 8

What happens when you enable secret scanning on a private repository?

A. Your team is subscribed to security alerts.

B. Dependency review, secret scanning, and code scanning are enabled.

C. Repository administrators can view Dependabot alerts.

D. GitHub performs a read-only analysis on the repository.

Correct Answer: D

Explanation: Only visible for TestSimulate members. You can sign-up / login (it's free).

Welcome to TestSimulate

GitHub Advanced Security GHAS (GitHub-Advanced-Security) Free Practice Test