Microsoft GH-500 Exam Questions

Question 6 of 113

Which of the following benefits do code scanning, secret scanning, and dependency review provide?

A.

Automatically raise pull requests, which reduces your exposure to older versions of dependencies.

B.

View alerts about dependencies that are known to contain security vulnerabilities.

C.

Search for potential security vulnerabilities, detect secrets, and show the full impact of changes to dependencies.

D.

Confidentially report security vulnerabilities and privately discuss and fix security vulnerabilities in your repository’s code.

Question 7 of 113

Which alerts do you see in the repository’s Security tab? Each answer presents part of the solution. (Choose three.)

Question 8 of 113

A dependency has a known vulnerability. What does the warning message include?

A.

an easily understandable visualization of dependency change

B.

a brief description of the vulnerability

C.

how many projects use these components

D.

the security impact of these changes

Question 9 of 113

Which features require GitHub Advanced Security to be enabled for internal and private repositories in an organization? Each correct answer presents part of the solution. (Choose two.)

A.

security policy

B.

secret scanning

C.

packages

D.

dependency review

Question 10 of 113

Which of the following is the best way to dispose of a compromised secret?

A.

Create a new secret.

B.

Revoke the secret.

C.

Update any services that use the secret.

D.

Remove the secret from the code base.