GH-100 Practice Test Questions

65 Questions


What do you need to successfully generate a support bundle on a GitHub Enterprise Server?


A. Approval from GitHub Support


B. A custom GitHub Action in the root repo


C. Administrator SSH access to the appliance


D. A GitHub App with read:org permissions





C.   Administrator SSH access to the appliance

What distinguishes Enterprise Managed Users (EMUs) from standard GitHub accounts?


A. EMUs are fully controlled by an IdP and cannot log in with personal credentials


B. EMUs can only be created using email invites


C. EMUs are managed in GitHub and use GitHub authentication


D. EMUs are only available for GitHub Enterprise Server





A.   EMUs are fully controlled by an IdP and cannot log in with personal credentials

A token was used to access an organization's resource via API. What fields in the audit log help determine who used it?


A. The token's permissions and the geographic region of access


B. The token expiration date


C. The GitHub Actions runner name


D. The token ID, requesting IP address, and associated user





D.   The token ID, requesting IP address, and associated user

You are managing a repository in your organization's GitHub account. A team member asks you to confirm who has access to the repository and their permission levels. Which tool should you use to review and manage repository access?


A. GitHub Pages Settings.


B. GitHub Actions Logs.


C. Repository Settings > Manage Access.


D. Branch Protection Rules.





C.   Repository Settings > Manage Access.

What needs to be done to ensure that only specific repositories can access the runners in an organization runner group?


A. Use GitHub's meta API to configure access.


B. Add a label to the runner group.


C. Configure repository access in the runner group settings.


D. Configure the Actions Policies to "Only selected repositories".





C.   Configure repository access in the runner group settings.

Which events from the audit log are exposed by the GraphQL API? Each answer presents a complete solution. (Choose three.)


A. changes in permissions
B promoting users to administrators


B. pushes to repositories


C. changes to permissions of a GitHub App


D. cloning of repositories





A.   changes in permissions
B promoting users to administrators

B.   pushes to repositories

D.   cloning of repositories

Which THREE of the following accurately describe how the SCIM protocol enhances user management in GitHub Enterprise Cloud? (Choose three.)


A. SCIM synchronizes changes to user attributes from the identity provider to GitHub.


B. SCIM deactivates GitHub accounts when users are deleted from the identity provider.


C. SCIM automatically deletes organization repositories when administrators are removed.


D. SCIM automates user provisioning when new users are added to the identity provider.


E. SCIM generates authentication tokens for accessing GitHub's REST API.


F. SCIM configures repository permissions based on user roles within the organization.





A.   SCIM synchronizes changes to user attributes from the identity provider to GitHub.

B.   SCIM deactivates GitHub accounts when users are deleted from the identity provider.

How does GitHub handle secrets found via secret scanning in a public repository?


A. It alerts the service provider (e.g., AWS, Stripe).


B. It immediately blocks the commit to protect the secret.


C. It deletes the secret from the repository automatically.


D. It notifies the admin via webhook.





A.   It alerts the service provider (e.g., AWS, Stripe).

Which of the following accurately contrasts a GitHub App and a GitHub Action?


A. GitHub Apps can only be used inside .github/workflows


B. GitHub Actions are limited to reading repository content only


C. GitHub Apps run only on GitHub-provided virtual machines, while GitHub Actions run only on customer-hosted machines


D. GitHub Actions can only be used to respond to events within a single repository while GitHub Apps can respond to events from multiple repositories





D.   GitHub Actions can only be used to respond to events within a single repository while GitHub Apps can respond to events from multiple repositories

How does Dependabot determine which security update PRs to open?


A. It waits for manual triage of all CVEs.


B. It uses the dependency graph and Dependabot alerts to open PRs for patched versions.


C. It reads the GitHub Issues and automatically suggests fixes.


D. It compares your codebase to the GitHub Trending list.





B.   It uses the dependency graph and Dependabot alerts to open PRs for patched versions.

Your organization is implementing team synchronization. Which of the following should you prioritize during the setup process?


A. Disabling the audit log stream


B. Setting an infrequent sync schedule to reduce performance impact


C. Allowing manual updates to team memberships


D. Clearly define how identity provider groups will align with GitHub teams and roles





D.   Clearly define how identity provider groups will align with GitHub teams and roles

How does GitHub support compliance requirements for enterprises?


A. GitHub provides configurable controls such as an audit log, SAML authentication, and enterprise rulesets.


B. GitHub disables all external collaboration features.


C. GitHub only allows those with repository owner (admin) permissions to write changes to repositories.


D. GitHub automatically encrypts user passwords in plaintext for quick access.





A.   GitHub provides configurable controls such as an audit log, SAML authentication, and enterprise rulesets.


Page 1 out of 6 Pages