
What makes GitHub Apps a more secure choice for automation over OAuth Apps?

A.

GitHub Apps always require two-factor authentication.

B.

GitHub Apps can only be installed by organization owners.

C.

GitHub Apps are limited to read-only access and cannot write to repositories.

D.

GitHub Apps authenticate as an app with fine-grained permissions, not as a user.

How does GitHub handle secrets found via secret scanning in a public repository?

A.

It alerts the service provider (e.g., AWS, Stripe).

B.

It immediately blocks the commit to protect the secret.

C.

It deletes the secret from the repository automatically.

D.

It notifies the admin via webhook.

Which of the following correctly describes the difference between controlling actions at the enterprise level versus the organization level in GitHub?

A.

Enterprise policies and organization policies are independent, with organization policies taking precedence for repositories within the organization.

B.

Enterprise policies configure mandatory settings for organizations.

C.

Enterprise policies apply only to public repositories, while organization policies apply to public, internal, and private repositories.

D.

Enterprise policies can block specific actions, while organization policies can only enable or disable actions entirely.

You are an administrator and need to enforce a policy on forking private and internal repositories. Which options are available for configuring the policy at the enterprise level? (Each answer presents a complete solution. Choose three.)

A.

Allow organization owners to administer the setting at the organization level.

B.

Allow people who have access to private and internal repositories to fork these repositories.

C.

Allow specific people or teams to fork private and internal repositories.

D.

Disallow repository owners from administering the setting at the repository level.

E.

Disallow forking of private and internal repositories.

Which GitHub feature is responsible for tracking dependencies and known vulnerabilities in those dependencies from an advisory database?

A.

Repository Insights

B.

Dependency Graph

C.

Security Policy

D.

CodeQL

Which of the following actions can a user with Write permissions perform in a GitHub repository?

A.

Manage repository settings, such as labels and GitHub Pages.

B.

Push code to non-protected branches.

C.

Configure branch protection rules.

D.

Delete the repository.

Your enterprise has multiple organizations, and you want to ensure consistent security policies across all teams. Which feature should you use?

A.

Outside collaborators for all repositories.

B.

Organization-specific teams with custom policies.

C.

Enterprise-level teams with inherited enterprise policies.

D.

Assigning admin permissions to all team members.

What needs to be done to ensure that only specific repositories can access the runners in an organization runner group?

A.

Use GitHub's meta API to configure access.

B.

Add a label to the runner group.

C.

Configure repository access in the runner group settings.

D.

Configure the Actions Policies to "Only selected repositories".

Which events from the audit log are exposed by the GraphQL API? Each answer presents a complete solution. (Choose three.)

A.

changes in permissions

B.

promoting users to administrators

C.

pushes to repositories

D.

changes to permissions of a GitHub App

E.

cloning of repositories