GH-100 Exam Questions
65 real GH-100 exam questions with expert-verified answers and explanations. Page 1 of 2.
- Question #1Manage access and permissions based on membership
Which events from the audit log are exposed by the GraphQL API? Each answer presents a complete solution. (Choose three.)
GraphQL APIAudit LogsAPI CapabilitiesPermissions - Question #2Manage security
When a token is used to perform actions across different GitHub resources, how is this reflected in audit logs?
Audit logsAccess tokensAPI loggingSecurity monitoring - Question #3Automate GitHub administration
Which practice helps avoid service disruption when consuming GitHub APIs at scale?
GitHub APIsRate LimitingBest PracticesService Reliability - Question #4Manage security
How does GitHub handle secrets found via secret scanning in a public repository?
Secret ScanningSecurity AlertsPublic RepositoriesProvider Notification - Question #5Manage security
Our organization is updating its enterprise policies. Which of the following steps should you take to ensure alignment with security requirements?
Security Policy ManagementPolicy DocumentationComplianceEnterprise Security - Question #6Implement GitHub Enterprise administration
Which of the following correctly describes the difference between controlling actions at the enterprise level versus the organization level in GitHub?
Enterprise policiesOrganization policiesPolicy enforcementAdministrative hierarchy - Question #7Manage organizations and repositories
What is the potential consequence of enabling multiple rulesets that apply to the same branch in a repository?
GitHub rulesetsBranch protectionRepository configurationPolicy enforcement - Question #8Enable secure software development and ensure compliance
In a GitHub repository using Dependabot, which of the following best describes the purpose of the .github/dependabot.yml file?
DependabotDependency UpdatesConfiguration - Question #9Enable secure software development and ensure compliance
What is the key benefit of using a GitHub security advisory within a repository?
GitHub Security AdvisoryVulnerability ManagementSecure Software DevelopmentPrivate Disclosure - Question #10Enable secure software development and ensure compliance
How does GitHub support compliance requirements for enterprises?
ComplianceEnterprise featuresAudit loggingSAML - Question #11Enable secure software development and ensure compliance
You discover that a secret (e.g., a token or password) was accidentally committed to a GitHub repository. What is the first step you should take to mitigate the risk?
Secret managementIncident responseRepository securityData leak mitigation - Question #12Manage security
Why would someone choose to configure a security policy?
Security PolicyOpen SourceVulnerability DisclosureRepository Configuration - Question #13Enable secure software development and ensure compliance
How is CodeQL different from other static analysis tools? A It removes insecure code automatically
CodeQLStatic AnalysisSecurity ToolsCode Scanning - Question #14Implement GitHub Enterprise administration
Your enterprise has multiple organizations, and you want to ensure consistent security policies across all teams. Which feature should you use?
Enterprise policiesConsistent securityTeam managementGitHub Enterprise - Question #15Enable secure software development and ensure compliance
What benefit does GitHub Advanced Security provide?
GitHub Advanced SecurityCode securitySecure developmentCode quality - Question #16Manage security
Which Git operation is not included in the Git activity audit log?
Audit logsGit operationsGitHub securityEnterprise administration - Question #17Implement GitHub Enterprise administration
You are an administrator and need to enforce a policy on forking private and internal repositories. Which options are available for configuring the policy at the enterprise level?...
Enterprise policiesRepository forkingAccess controlPrivate repositories - Question #18Enable secure software development and ensure compliance
What additional capability does secret scanning offer for private repositories on GitHub Enterprise Cloud?
secret scanningcustom patternsrepository securityGitHub Enterprise Cloud - Question #19Manage security
What is the first step when sensitive data is accidentally pushed to a public GitHub repository?
Data exposureSecurity incident responseCredential revocationRepository security - Question #20Manage security
How does Dependabot determine which security update PRs to open?
DependabotSecurity updatesDependency graphDependabot alerts - Question #21Enable secure software development and ensure compliance
Which of the following GitHub token types supports fine-grained repository permissions AND is recommended for CI/CD automation?
GitHub tokensFine-grained permissionsCI/CD automationGitHub Apps - Question #22Manage GitHub Actions
Which of the following accurately contrasts a GitHub App and a GitHub Action?
GitHub ActionsGitHub AppsAutomationIntegration - Question #23Describe how GitHub is deployed, distributed, and licensed
Which product's usage is not included in GitHub Enterprise Cloud's monthly metered billing report?
GitHub Enterprise CloudBillingMetered usageUsage reports - Question #24Support GitHub Enterprise for users and key stakeholders
You have subscribed to GitHub Premium Support, and you need to submit a support ticket. GitHub Premium Support can help you with:
GitHub Premium SupportGitHub Enterprise ServerInstallationSupport services - Question #25Support GitHub Enterprise for users and key stakeholders
You need to contact GitHub Premium Support. What are valid reasons for submitting a support ticket? (Each answer presents a complete solution. Choose two.)
Premium SupportSupport TicketsService OutagesSecurity Incidents - Question #26Enable secure software development and ensure compliance
Which of the following is a key benefit of using GitHub Marketplace Apps in an enterprise?
GitHub MarketplaceEnterprise FeaturesIntegrationsSDLC - Question #27Implement GitHub Enterprise administration
You need to create a support bundle for your GitHub Enterprise Server instance with the hostname ghe.avocado.corp. What command should you use to create a support bundle?
GitHub Enterprise ServerSupport bundleCommand-line administrationTroubleshooting - Question #28Implement GitHub Enterprise administration
What do you need to successfully generate a support bundle on a GitHub Enterprise Server?
GitHub Enterprise ServerSupport bundleSSH accessAppliance administration - Question #29Manage user identities and GitHub authentication
A financial services company is evaluating GitHub account types. Which of the following is a key distinction between GitHub Enterprise Managed Users and Personal Accounts?
GitHub Enterprise Managed UsersPersonal AccountsAccount typesUser identity - Question #30Manage user identities and GitHub authentication
Which THREE of the following accurately describe how the SCIM protocol enhances user management in GitHub Enterprise Cloud? (Choose three.)
SCIMUser provisioningIdentity managementUser synchronization - Question #31Manage user identities and GitHub authentication
When comparing a partner identity provider integration with a non-partner identity management solution for GitHub Enterprise Managed Users, which statement is Correct?
Identity Provider (IdP)GitHub Enterprise Managed Users (EMUs)SAML 2.0Authentication - Question #32Manage user identities and GitHub authentication
When comparing Group SCIM to Team Sync for identity management in GitHub Enterprise, which statement is Correct?
Identity ManagementGroup SCIMTeam SyncUser Provisioning - Question #33Manage user identities and GitHub authentication
Why is a GitHub App preferred over a PAT for machine authentication?
GitHub AppsPersonal Access TokensMachine AuthenticationScoped Access - Question #34Manage user identities and GitHub authentication
You are planning GitHub account management for a healthcare organization with strict compliance requirements. Which THREE of the following statements accurately describe GitHub Ent...
GitHub Enterprise Managed Users (EMU)Identity ManagementComplianceAuthentication - Question #35Manage user identities and GitHub authentication
A GitHub Enterprise administrator is planning to implement SAML SSO across their company. Which of the following correctly distinguishes enterprise-wide SAML SSO from organization-...
SAML SSOEnterprise-wide SSOOrganization-level SSOAuthentication - Question #36Manage user identities and GitHub authentication
What distinguishes Enterprise Managed Users (EMUs) from standard GitHub accounts?
Enterprise Managed Users (EMU)Identity Provider (IdP)AuthenticationUser Identities - Question #37Automate GitHub administration
Why would a GitHub App be favored over a machine account for automation tasks?
GitHub AppsAutomationRate LimitsMachine Accounts - Question #38Manage security
When comparing fine-grained Personal Access Tokens (PATs) with classic PATs, which of the following statements is accurate?
Personal Access TokensFine-grained PATsPermissionsRepository access - Question #39Describe how GitHub is deployed, distributed, and licensed
What is the new capability of GitHub's billing dashboard?
GitHub BillingGitHub CopilotUsage TrackingBilling Dashboard - Question #40Describe how GitHub is deployed, distributed, and licensed
What is a key characteristic of GitHub Enterprise Server (GHES) compared to GitHub Enterprise Cloud (GHEC)?
GitHub Enterprise ServerGitHub Enterprise CloudDeployment ModelsData Control - Question #41Implement GitHub Enterprise administration
Your organization wants to reduce costs. Which of the following actions should you take?
Cost optimizationUser managementAuditingEnterprise administration - Question #42Describe how GitHub is deployed, distributed, and licensed
How does metered billing work in GitHub Enterprise Cloud with Enterprise Managed Users (EMU)?
Metered billingEnterprise Managed UsersGitHub Enterprise CloudLicensing model - Question #43Manage access and permissions based on membership
A team member is unable to push to a repository due to a 403-error related to branch protection. What should the GitHub Enterprise administrator do first?
Branch protectionPermissions managementTroubleshootingGitHub Enterprise Administration - Question #44Manage access and permissions based on membership
Which of the following is true about outside collaborators in a GitHub organization?
GitHub OrganizationsOutside CollaboratorsAccess ManagementRepository Permissions - Question #45Manage organizations and repositories
Which of the following is a benefit of creating a new GitHub organization?
GitHub OrganizationsOrganizational StructureResource IsolationAdministrative Management - Question #46Manage GitHub Actions
Which of the following are valid ways to pass data to a reusable workflow in a separate repository?
GitHub ActionsReusable WorkflowsWorkflow InputsSecrets Management - Question #47Manage GitHub Actions
An organization wants to share a single API key required for their Actions workflows. They need to restrict its use to only a subset of repositories. Where should they configure th...
GitHub Actions SecretsOrganization SecretsSecrets ManagementAccess Control - Question #48Manage GitHub Actions
Which feature is unique to self-hosted runners?
Self-hosted runnersGitHub ActionsRunner capabilitiesWorkflow environment - Question #49Manage GitHub Actions
What is the effect of enforcing a policy that restricts GitHub Actions to only those created by the enterprise?
GitHub ActionsEnterprise policiesAction restrictionsSecurity settings - Question #50Enable secure software development and ensure compliance
You want to ensure a secret is automatically available to only workflows in internal and private repositories in the organization. Where do you configure the required access policy...
Organization secretsGitHub ActionsSecret managementAccess control