GH-500 Question #115: Real Exam Question with Answer & Explanation
The correct answer is B: Sensitive information could be leaked.
Question
A colleague ignores a code scanning alert. What are the implications of the colleague's action? Each answer presents part of the solution. (Choose three.)
Options
- A. Webhooks and the code scanning API remove the alert.
- B. Sensitive information could be leaked.
- C. Data could be used insecurely.
- D. A dangerous argument could be passed to functions.
- E. GitHub removes the alert after sixty days.
Explanation
Correct answer: B, C, D
Ignoring a code scanning alert means the underlying security weakness in the code remains unaddressed. The potential real-world implications are: (B) sensitive information could be leaked if the alert relates to improper data exposure, (C) data could be used insecurely if the alert relates to unsafe data handling, and (D) a dangerous argument could be passed to functions if the alert relates to injection or improper input validation. Ignoring an alert does NOT remove it from the API or webhooks (A is false), and GitHub does not auto-delete alerts after 60 days (E is false).