From c7657508f49b8d1412b3ab0b9ba00b473176d6a8 Mon Sep 17 00:00:00 2001 From: Aleksander Fidelus <63016446+FidelusAleksander@users.noreply.github.com> Date: Mon, 20 Nov 2023 21:02:54 +0100 Subject: [PATCH] Add Advanced Security questions 13,14,15,16,17,18 (#97) --- archetypes/questions.md | 4 ++-- .../questions/advanced_security/question-013.md | 13 +++++++++++++ .../questions/advanced_security/question-014.md | 14 ++++++++++++++ .../questions/advanced_security/question-015.md | 13 +++++++++++++ .../questions/advanced_security/question-016.md | 13 +++++++++++++ .../questions/advanced_security/question-017.md | 16 ++++++++++++++++ .../questions/advanced_security/question-018.md | 13 +++++++++++++ 7 files changed, 84 insertions(+), 2 deletions(-) create mode 100644 content/questions/advanced_security/question-013.md create mode 100644 content/questions/advanced_security/question-014.md create mode 100644 content/questions/advanced_security/question-015.md create mode 100644 content/questions/advanced_security/question-016.md create mode 100644 content/questions/advanced_security/question-017.md create mode 100644 content/questions/advanced_security/question-018.md diff --git a/archetypes/questions.md b/archetypes/questions.md index 4873e121..0286c00b 100644 --- a/archetypes/questions.md +++ b/archetypes/questions.md @@ -9,9 +9,9 @@ draft: false > (optional hint) text hint or a link 1. [x] Single-Choice Correct Answer 1. [ ] Incorrect Answer -1. [ ] +1. [ ] Incorrect Answer > (optional) explanation why this is a wrong answer -1. [ ] +1. [ ] Incorrect Answer > (optional) explanation why this is a wrong answer diff --git a/content/questions/advanced_security/question-013.md b/content/questions/advanced_security/question-013.md new file mode 100644 index 00000000..a0a3d610 --- /dev/null +++ b/content/questions/advanced_security/question-013.md 
@@ -0,0 +1,13 @@ +--- +archetype: "questions" +title: "Question 013" +question: "How can You exclude certain directories or files from secret scanning?" +draft: false +--- + + +> https://docs.github.com/en/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories#excluding-directories-from-secret-scanning-alerts-for-users +1. [x] By creating a `secret_scanning.yml` file and including paths that should not be scanned +1. [ ] It's not possible to exclude specific files and/or directories from being scanned. Once You enable secret scanning for a repository, all files and directories will be scanned. +1. [ ] Include these files in the `.gitignore` file +1. [ ] By creating a `dependabot.yml` file and including paths which should not be scanned diff --git a/content/questions/advanced_security/question-014.md b/content/questions/advanced_security/question-014.md new file mode 100644 index 00000000..ad3febb4 --- /dev/null +++ b/content/questions/advanced_security/question-014.md @@ -0,0 +1,14 @@ +--- +archetype: "questions" +title: "Question 014" +question: "You have included some fake secrets in Your test code and they have been picked up by GitHub's secret scanning. What can You do to tell GitHub that these are fake secrets and can be ignored? (Choose two.)" +draft: false +--- + + +>
[Managing secret scanning alerts](https://docs.github.com/en/code-security/secret-scanning/managing-alerts-from-secret-scanning#managing-secret-scanning-alerts) +>
[Excluding directories from secret scanning alerts](https://docs.github.com/en/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories#excluding-directories-from-secret-scanning-alerts-for-users) +- [x] By creating a `secret_scanning.yml` file within which you declare paths where fake secrets are located, so scans will omit them +- [x] Close the Secret Scanning Alert with `Used in tests` close reason +- [ ] In your test files, add a comment `#gh_ignore: fake secret` on the line where the fake secret is located. +- [ ] By creating a `.github/codeql.yml` file within which you declare paths where fake secrets are located, so scans will omit them diff --git a/content/questions/advanced_security/question-015.md b/content/questions/advanced_security/question-015.md new file mode 100644 index 00000000..75783c33 --- /dev/null +++ b/content/questions/advanced_security/question-015.md @@ -0,0 +1,13 @@ +--- +archetype: "questions" +title: "Question 015" +question: "You have accidentaly commited Your GitHub personal access token to a public repository. What actions should You take to prevent Your account from being compromised?" +draft: false +--- + + +> https://docs.github.com/en/code-security/secret-scanning/managing-alerts-from-secret-scanning#securing-compromised-secrets +1. [x] Consider the token compromised and delete it immediately +1. [ ] Change the token's permissions to read-only +1. [ ] Overwrite the git history to mask the token +1. [ ] Check if this token is used in any of your applications, if so - delete it. diff --git a/content/questions/advanced_security/question-016.md b/content/questions/advanced_security/question-016.md new file mode 100644 index 00000000..26c768b7 --- /dev/null +++ b/content/questions/advanced_security/question-016.md 
@@ -0,0 +1,13 @@ +--- +archetype: "questions" +title: "Question 016" +question: "What is the behaviour when a new secret pattern is added or updated in the GitHub secret scanning partner program?" +draft: false +--- + + +> https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning#accessing-secret-scanning-alerts +1. [x] GitHub will run a scan of all historical code content in public repositories with secret scanning enabled +1. [ ] GitHub will only scan for the new pattern in newly pushed commits in repositories with secret scanning enabled. If a secret of that pattern was already present in the repository, it will not be detected. +1. [ ] The GitHub partner has to deal with the historicly leaked secrets and GitHub will only scan any new commits for the new pattern +1. [ ] GitHub will create an issue in all repositories with secret scanning enabled so the maintainers can check the repository for any secrets matching the new pattern diff --git a/content/questions/advanced_security/question-017.md b/content/questions/advanced_security/question-017.md new file mode 100644 index 00000000..8ce10863 --- /dev/null +++ b/content/questions/advanced_security/question-017.md @@ -0,0 +1,16 @@ +--- +archetype: "questions" +title: "Question 017" +question: "Who will be notified when a NEW secret is pushed and detected in a repository? (Choose four.)" +draft: false +--- + + +> https://docs.github.com/en/code-security/secret-scanning/managing-alerts-from-secret-scanning#incremental-scans +- [x] Repository Administrators +- [x] Security Managers +- [x] Users with with custom roles with read/write access +- [x] Organization owners and enterprise owners, but only if they are administrators of repositories where secrets were leaked +- [ ] Everyone with write access to the repository +- [ ] All Organization owners and enterprise owners +- [ ] Commit authors 
diff --git a/content/questions/advanced_security/question-018.md b/content/questions/advanced_security/question-018.md new file mode 100644 index 00000000..c642c389 --- /dev/null +++ b/content/questions/advanced_security/question-018.md @@ -0,0 +1,13 @@ +--- +archetype: "questions" +title: "Question 018" +question: "When GitHub runs a scan of all historical code in enterprise repositories what is the notification behaviour? (Select two.)" +draft: false +--- + + +> https://docs.github.com/en/code-security/secret-scanning/managing-alerts-from-secret-scanning#historical-scans +- [x] GitHub notifies the enterprise owners and security managers, even if no secrets are found. +- [x] GitHub notifies Repository administrators, security managers, and users with custom roles with read/write access whenever a secret is detected in a repository. +- [ ] GitHub notifies the enterprise owners and security managers, only if it detects exposed secrets. +- [ ] GitHub notifies the commit authors of the commits that contain exposed secrets.
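Review bot: The `archetypes/questions.md` hunk (replacing the two empty `1. [ ]` placeholders with `1. [ ] Incorrect Answer`) is a template fix unrelated to the commit subject "Add Advanced Security questions 13,14,15,16,17,18"; either split it into its own commit or mention it in the commit message so the template change is discoverable in history.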
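Review bot: In `question-013.md` the correct answer names the file as a bare `secret_scanning.yml`, but the exclusion file only takes effect at `.github/secret_scanning.yml`; spell out the path so candidates learn the real location, especially since `question-014.md` uses a `.github/codeql.yml` distractor. Two smaller points in the same file: the linked anchor is `excluding-directories-from-secret-scanning-alerts-for-users`, so the question text "exclude certain directories or files from secret scanning" would be more precise as excluding them from secret scanning alerts, and "How can You exclude" should use a lowercase "you" (the capitalized "You" recurs in question-014 and question-015; pick one convention for the whole set).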
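Review bot: `question-014.md` is the only file in this change that formats its hint as markdown links on separate `>` lines ("[Managing secret scanning alerts](...)" and "[Excluding directories ...](...)"), while the other five use a single `>` line with a bare URL; choose one hint style for the set. The distractor "In your test files, add a comment `#gh_ignore: fake secret`" reads as a plausible real feature, so consider adding the optional "> explanation why this is a wrong answer" line that the archetype provides, stating that no such inline ignore comment exists.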
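Review bot: Typos in the `question-015.md` question text: "accidentaly commited" should be "accidentally committed". The distractor "Overwrite the git history to mask the token" is a good one, since it is a common mistaken reaction; an explanation line noting that the token must be treated as compromised regardless of history rewriting (which is what the linked `securing-compromised-secrets` section states) would make the wrong answer instructive rather than just wrong.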
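Review bot: Typo in `question-016.md`: "historicly leaked secrets" should be "historically leaked secrets". Also, the hint points at `about-secret-scanning#accessing-secret-scanning-alerts`, which by its anchor name is about viewing alerts rather than about what happens when a partner pattern is added or updated; please verify the anchor actually supports the correct answer "GitHub will run a scan of all historical code content in public repositories" and link the section that describes that behaviour if there is a closer one.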
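Review bot: Doubled word in `question-017.md`: "Users with with custom roles with read/write access" should be "Users with custom roles with read/write access". The same phrase appears correctly in `question-018.md`, so copying it from there fixes it.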
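Review bot: `question-018.md` says "(Select two.)" while `question-014.md` and `question-017.md` use "(Choose two.)" and "(Choose four.)"; standardize on "Choose". The question text also needs a comma before the clause: "When GitHub runs a scan of all historical code in enterprise repositories, what is the notification behaviour?". In the second correct answer, "GitHub notifies Repository administrators" should use a lowercase "repository" mid-sentence, and the answers in this file end with full stops whereas those in question-017 do not; align the punctuation across the two notification questions since they are clearly meant to be read together.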