GH-100 · Question #19
GH-100 Question #19: Real Exam Question with Answer & Explanation
The correct answer is A: Revoke any exposed credentials immediately. Revoking exposed credentials immediately (A) is the critical first action because once sensitive data - API keys, passwords, tokens - is public, it must be treated as compromised. Removing it from history does nothing to protect credentials that may have already been harvested by
Question
What is the first step when sensitive data is accidentally pushed to a public GitHub repository?
Options
- ARevoke any exposed credentials immediately
- BForce push a commit removing the data
- COpen an issue to inform users
- DDelete the repository
Explanation
Revoking exposed credentials immediately (A) is the critical first action because once sensitive data - API keys, passwords, tokens - is public, it must be treated as compromised. Removing it from history does nothing to protect credentials that may have already been harvested by automated scanners that index GitHub within seconds of a push.
Why the distractors are wrong:
- B (force push): Removing the data from Git history is necessary eventually, but it's secondary - the credentials are already exposed and must be rotated first or attackers can still use them.
- C (open an issue): Notifying users is a transparency step that comes after containment; announcing the breach before revoking credentials gives attackers more time to act.
- D (delete the repository): Deletion doesn't revoke compromised credentials, and forks or cached versions may still contain the data - it solves nothing.
Memory tip: Think "Revoke before Remove." Just like changing your locks before cleaning up after a break-in, credential revocation neutralizes the threat while cleanup (purging history, notifying users) follows safely behind.
Topics
Community Discussion
No community discussion yet for this question.