GH-500 Question #40: Real Exam Question with Answer & Explanation

Sign in or unlock GH-500 to reveal the answer and full explanation for question #40. The question stem and answer options stay visible for context.

Configure and use Dependabot and Dependency Review

Question

Assuming that notification and alert recipients are not customized, what does GitHub do when it identifies a vulnerable dependency in a repository where Dependabot alerts are enabled? (Each answer presents part of the solution. Choose two.)

Options

AIt generates a Dependabot alert and displays it on the Security tab for the repository.
BIt consults with a security service and conducts a thorough vulnerability review.
CIt generates Dependabot alerts by default for all private repositories.
DIt notifies the repository administrators about the new alert.

Unlock GH-500 to see the answer

You've previewed enough free GH-500 questions. Unlock GH-500 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock GH-500 - $49.99 / 30 days Sign in

Topics

#Dependabot alerts#Vulnerable dependencies#Security notifications#GitHub Security tab

Full GH-500 Practice Browse All GH-500 Questions