nerdexam
Microsoft

AZ-400 · Question #417

You plan to create a GitHub workflow that will use GitHub Actions. The actions will require a 256- KB secret. You need to recommend a solution to store and encrypt the secret. The secret value must be

The correct answer is C. Encrypt the secret value and store the value in the repository.. To use secrets that are larger than 48 KB, you can use a workaround to store encrypted secrets in your repository and save the decryption passphrase as a secret on GitHub. Because it requires less administrative privilege it's at repository level. https://docs.github.com/en/actio

Submitted by rachelw· Mar 6, 2026Develop a security and compliance plan

Question

You plan to create a GitHub workflow that will use GitHub Actions. The actions will require a 256- KB secret. You need to recommend a solution to store and encrypt the secret. The secret value must be accessible only to the workflow. The solution must minimize administrative effort What should you recommend?

Options

  • AStore the secret in the organization-level GitHub secrets.
  • BStore the secret in the repository-level GitHub secrets.
  • CEncrypt the secret value and store the value in the repository.
  • DEncrypt the secret value and store the value in the repository.

How the community answered

(20 responses)
  • A
    15% (3)
  • B
    5% (1)
  • C
    75% (15)
  • D
    5% (1)

Explanation

To use secrets that are larger than 48 KB, you can use a workaround to store encrypted secrets in your repository and save the decryption passphrase as a secret on GitHub. Because it requires less administrative privilege it's at repository level. https://docs.github.com/en/actions/security-guides/encrypted-secrets

Topics

#GitHub secrets size limit#secret encryption#repository-level secrets#workflow security

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice