nerdexam
Microsoft

AZ-400 · Question #469

You have a GitHub repository. You need to ensure that all the code in the repository is scanned for vulnerabilities. What should you use?

The correct answer is C. CodeQL actions. Static analysis tool to your code for potential security vulnerabilities and other code-related >Dependabot alerts, focused on dependencies to detect security vulnerabilities. >Branch protection rules, enforce certain checks and restrictions before allowing changes to be merged,

Submitted by anjalisingh· Mar 6, 2026Develop a security and compliance plan

Question

You have a GitHub repository. You need to ensure that all the code in the repository is scanned for vulnerabilities. What should you use?

Options

  • ADependabot alerts
  • Bbranch protection rules
  • CCodeQL actions
  • DGitHub Advisory Database databases

How the community answered

(27 responses)
  • A
    7% (2)
  • C
    89% (24)
  • D
    4% (1)

Explanation

Static analysis tool to your code for potential security vulnerabilities and other code-related >Dependabot alerts, focused on dependencies to detect security vulnerabilities. >Branch protection rules, enforce certain checks and restrictions before allowing changes to be merged, e.g. Require an code review, ensure that all tests pass, specify number of approving >GitHub Advisory Database, Central repository of known vulnerabilities that can be accessed by various security-related tools, e.g. Dependabot.

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice