GHAS Certification Exam Prep: Week Four - Managing Your GitHub Securely #139526
Replies: 4 comments
-
I believe these are the answers for this week: Question One: How can you manage GitHub Advanced Security alerts? Question Two: What can you do to ensure that everyone in your organization is using GitHub Advanced Security? Question Three: Which GitHub Advanced Security feature isn't available on public repositories? Question Four: Which tool helps identify and block secrets from being pushed into repositories? Question Five: How can security policies be managed within GitHub? Question Six: Which of the following is NOT a step in setting security policies within GitHub? Question Seven: How can you ensure compliance with industry standards when managing sensitive data in GitHub? Thank you very much for the new course content this week. Overall, thank you very much for this course. It has been a fantastic learning resource. And thank you very much for your comments and your kindness, @queenofcorgis, @gitstua. |
Beta Was this translation helpful? Give feedback.
-
Thanks again for the awesome list of resources, especially the Microsoft Learn paths! As for the answers, Q1. A |
Beta Was this translation helpful? Give feedback.
-
|
Beta Was this translation helpful? Give feedback.
-
|
Beta Was this translation helpful? Give feedback.
-
This is our last week of GHAS certification exam, if you missed Week One’s Discussion, Week Two’s Discussion, and/or, Week Three’s Discussion don’t worry feel free to get started and join us when you are caught up. The final installment covers Admin Essentials. We’re here to answer questions and share knowledge 💡 .
Plus, prep materials and test questions to continue on studying. As a reminder, we'll be selecting five participants to receive a free GitHub Certifications exam voucher 🎫 .
Step One: Prep 📚
Use these materials to study before answering this week’s prep questions.
Step Two: Test Your Knowledge ⚡
Question One: How can you manage GitHub Advanced Security alerts?
A) By using the GitHub Advanced Security API endpoints
B) By manually checking each repository
C) By using a third-party tool
D) By disabling security features
Question Two: What can you do to ensure that everyone in your organization is using GitHub Advanced Security?
A) Give access to security alerts to users and teams with write permission on their repositories.
B) Add a SECURITY.md file to the root, docs, or .github folder of your organization's repositories.
C) Set a security policy at the organization level.
Question Three: Which GitHub Advanced Security feature isn't available on public repositories?
A) Secret scanning.
B) Security Overview.
C) Code scanning.
Question Four: Which tool helps identify and block secrets from being pushed into repositories?
A) Code scanning
B) Secret scanning
C) Dependency management
D) Issue tracking
Question Five: How can security policies be managed within GitHub?
A) By creating documentation that details security guidelines
B) By setting permissions and rules
C) By automating processes to prevent security breaches
D) All of the above
Question Six: Which of the following is NOT a step in setting security policies within GitHub?
A) Creating documentation that details security guidelines
B) Setting permissions and rules
C) Automating processes to prevent security breaches
D) Allowing unrestricted access to all users
Question Seven: How can you ensure compliance with industry standards when managing sensitive data in GitHub?
A) By ignoring security alerts
B) By using GitHub's basic security tools like secret scanning and code scanning
C) By disabling security features
D) By allowing bulk export of sensitive data
We’ll be sharing the answers in the comments on Friday 🧠
Use the discussion below to share additional study resources, ask questions for our team to answer, and respond to our prep questions
Stay tuned next week for a follow-up discussion to share feedback and more!
Beta Was this translation helpful? Give feedback.
All reactions