nerdexam
Microsoft

AZ-400 · Question #460

You have a public GitHub repository named Public1. A commit is made to Public1. The commit contains a pattern that matches a regular expression. Who is notified first when the commit is made?

The correct answer is D. the secret scanning partner. https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning#about-secret- scanning-alerts-for-partners When you make a repository public, or push changes to a public repository, GitHub always scans the code for secrets that match partner patterns. Public packag

Submitted by weili_xi· Mar 6, 2026Develop a security and compliance plan

Question

You have a public GitHub repository named Public1. A commit is made to Public1. The commit contains a pattern that matches a regular expression. Who is notified first when the commit is made?

Options

  • Athe administrator of the GitHub organization
  • Bthe committer
  • Cthe owner of Public1
  • Dthe secret scanning partner

How the community answered

(38 responses)
  • A
    11% (4)
  • B
    5% (2)
  • C
    3% (1)
  • D
    82% (31)

Explanation

https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning#about-secret- scanning-alerts-for-partners When you make a repository public, or push changes to a public repository, GitHub always scans the code for secrets that match partner patterns. Public packages on the npm registry are also scanned. If secret scanning detects a potential secret, we notify the service provider who issued the secret. The service provider validates the string and then decides whether they should revoke the secret, issue a new secret, or contact you directly. Their action will depend on the associated risks to you or them. You cannot change the configuration of secret scanning for partner patterns on public

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice