GH-500 · Question #72
GH-500 Question #72: Real Exam Question with Answer & Explanation
The correct answer is B: It allows configuration options for multiple repositories in a single place.. {"question_number": 2, "question": "What is a benefit of using a custom CodeQL configuration file?", "correct_answer": "B", "explanation": "A custom CodeQL configuration file (typically named 'codeql-config.yml') lets you centralize advanced scanning settings - such as which quer
Question
What is a benefit of using a custom CodeQL configuration file?
Options
- AIt allows you to schedule the scan.
- BIt allows configuration options for multiple repositories in a single place.
- CIt disables packs from running the default query suite.
- DIt specifies a token that has access to the private repository.
Explanation
{"question_number": 2, "question": "What is a benefit of using a custom CodeQL configuration file?", "correct_answer": "B", "explanation": "A custom CodeQL configuration file (typically named 'codeql-config.yml') lets you centralize advanced scanning settings - such as which query suites to run, which paths to include or exclude, and which packs to use - in a single file that can be referenced by multiple repositories. This is especially valuable in large organizations where many repos share the same scanning requirements: you maintain one config file, and all repos point to it. Option A is incorrect because scheduling is controlled in the workflow YAML (e.g., 'on: schedule:'), not the CodeQL config file. Option C is wrong - the config file can add or change query suites but does not disable packs from running the default suite outright. Option D refers to a token for private repositories, which is a workflow secret, not a CodeQL config file setting.", "generated_by": "claude-sonnet", "llm_judge_score": 4}
Topics
Community Discussion
No community discussion yet for this question.