GH-500 Question #123: Real Exam Question with Answer & Explanation
The correct answers are C (Establish the protection rules in the code security settings) and D (Add a repository ruleset).
Question
Which of the following is required to block the merge of a pull request containing critical vulnerabilities? Each correct answer presents part of the solution. (Choose two.)
Options
- A. Configure a CODEOWNERS file in the repository.
- B. Enable Dependabot for the organization.
- C. Establish the protection rules in the code security settings.
- D. Add a repository ruleset.
Explanation
Correct answer: C. Establish the protection rules in the code security settings. D. Add a repository ruleset.

Two things must work together to block a PR merge on critical vulnerabilities. First, you must configure the code security settings (C) so that code scanning (or Dependabot) is set to report results as required status checks at the desired severity threshold; this is what generates the failing check on the PR. Second, you must enforce those checks via a repository ruleset or branch protection rule (D) that requires the status check to pass before a merge is allowed; without an enforcing ruleset, a failing check is advisory only and can be bypassed.

A CODEOWNERS file (A) controls review requirements, not vulnerability checks. Enabling Dependabot for the organization (B) is useful for alerts but is not the enforcement mechanism that blocks merges.