GH-100 · Question #49
GH-100 Question #49: Real Exam Question with Answer & Explanation
The correct answer is C: Only actions created within the enterprise are allowed. Enforcing a policy that restricts GitHub Actions to only those created by the enterprise means the runner will only execute workflows that use actions defined within your enterprise's own organizations - no external Marketplace or third-party actions are permitted (option C). Opt
Question
What is the effect of enforcing a policy that restricts GitHub Actions to only those created by the enterprise?
Options
- AMarketplace actions are allowed only with SSO enabled
- BActions can only be triggered by organization members
- COnly actions created within the enterprise are allowed
- DAll public actions are allowed
Explanation
Enforcing a policy that restricts GitHub Actions to only those created by the enterprise means the runner will only execute workflows that use actions defined within your enterprise's own organizations - no external Marketplace or third-party actions are permitted (option C). Option A is incorrect because SSO has no bearing on which actions are permitted to run; it governs identity, not action source. Option B is wrong because trigger permissions (who can initiate a workflow) are a separate access-control concern from which actions the workflow is allowed to use. Option D is the opposite of the intended effect - this policy specifically blocks public actions, not allows them.
Memory tip: Think of it as a strict "internal-only" vendor policy - just like a company that only buys from its own subsidiaries, this setting locks the action source down to your enterprise's walls, nothing from the outside Marketplace gets in.
Topics
Community Discussion
No community discussion yet for this question.