GitHub has many features that help you improve and maintain the quality of your code. Some of these are included in all plans, such as dependency graph and Dependabot alerts. This is a practice quiz for GHAS certification.
Total questions: 30
Time: 50 minutes
Passing score: 70%
Disclaimer: These are practice questions, not dumps.
START QUIZ
#1. The tool that checks if a pull request introduces any dependencies with security vulnerabilities is called?
#2. You need GitHub Actions enabled for?
#3. What does `CVSS` stand for?
#4. What does `CVE` stand for?
#5. What does `CWE` stand for?
#6. Which dependabot comment command will get a pull request successfully completed?
#7. Jobs that run on macOS runners that GitHub hosts consume minutes at __ rate as Linux runners consume?
#8. Which feature provides a safe space for code maintainers to discuss how to best address errors and vulnerabilities found in the codebase?
#9. Which branch(s) is/are scanned to detect the secrets?
#10. How many days in Git history are scanned by Secret scanning?
#11. Can you add custom patterns to detect specific secrets?
#12. Which GHAS feature allows you to prevent pushing a commit which contains a secret?
#13. Does Dependency graph scan your source code?
#14. What are the CodeQL languages supported? (Choose three)
Select all that apply:
#15. What are the supported packages managers by Depndabot? (Choose three)
Select all that apply:
#16. Which file format permits to integrate results for a 3rd party scanning tool?
#17. What is the name of the file to declare the security policy of a repository?
#18. What are Dependabot security updates?
#19. Dependabot Alerts are enabled by default on?
#20. Who can enable Dependabot alerts on a repository?
#21. What's the lowest access level needed to see Dependabot alerts in a repository within an organization?
#22. How to enable Dependabot Alerts on all repositories in an organization?
#23. Which of these is not a GitHub supported channel for receiving Dependabot alerts?
#24. What are Dependabot auto-triage rules?
#25. How can you automate dismissing low severity Dependabot alerts?
#26. How can you enable GitHub Advanced Security features on GitHub Enterprise Server? (Choose two.)
Select all that apply:
#27. How can you enable GitHub Advanced Security features for all repositories in an organization in GitHub Enterprise Cloud?
#28. As a repository maintainer where should you put instructions on how to report a security vulnerability in your codebase?
#29. How can you set a default security policy for all repositories in `my-org` GitHub Organization?
#30. What is the GitHub security policy?
Finish
Post Views: 24