최신 GitHub-Advanced-Security 무료덤프 - GitHub Advanced Security GHAS

문제1

Where in the repository can you give additional users access to secret scanning alerts?

A. Insights

B. Secrets

C. Settings

D. Security

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제2

Assuming that no custom Dependabot behavior is configured, who has the ability to merge a pull request created via Dependabot security updates?

A. An enterprise administrator

B. A user who has read access to the repository

C. A user who has write access to the repository

D. A repository member of an enterprise organization

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제3

What step is required to run a SARIF-compatible (Static Analysis Results Interchange Format) tool on GitHub Actions?

A. Use the CLI to upload results to GitHub.

B. Update the workflow to include a final step that uploads the results.

C. The CodeQL action uploads the SARIF file automatically when it completes analysis.

D. By default, the CodeQL runner automatically uploads results to GitHub on completion.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제4

In a private repository, what minimum requirements does GitHub need to generate a dependencygraph? (Each answer presents part of the solution. Choose two.)

A. Read-only access to the dependency manifest and lock files for a repository

B. Dependency graph enabled at the organization level for all new private repositories

C. Write access to the dependency manifest and lock files for an enterprise

D. Read-only access to all the repository's files

정답: A,B

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Which of the following tasks can be performed by a security team as a proactive measure to help address secret scanning alerts? (Each answer presents a complete solution. Choose two.)

A. Document alternatives to storing secrets in the source code.

B. Enable system for cross-domain identity management (SCIM) provisioning for the enterprise.

C. Configure a webhook to monitor for secret scanning alert events.

D. Dismiss alerts that are older than 90 days.

정답: A,C

설명: (DumpTOP 회원만 볼 수 있음)

문제6

Which patterns are secret scanning validity checks available to?

A. Custom patterns

B. Partner patterns

C. High entropy strings

D. Push protection patterns

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제7

What do you need to do before you can define a custom pattern for a repository?

A. Provide a regular expression for the format of your secret pattern.

B. Add a secret scanning custom pattern.

C. Provide match requirements for the secret format.Stack Overflow

D. Enable secret scanning on the repository.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제8

When secret scanning detects a set of credentials on a public repository, what does GitHub do?

A. It sends a notification to repository members.

B. It notifies the service provider who issued the secret.

C. It scans the contents of the commits for additional secrets.

D. It displays a public alert in the Security tab of the repository.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

최신 GitHub-Advanced-Security 무료덤프 - GitHub Advanced Security GHAS

우리와 연락하기

유용한 링크

최신 업데이트