GH-500
Configure and use secret scanning
hard
Question 4 of 29

A repository administrator defines a custom secret pattern and wants push protection to use it immediately. What must happen first?

AThe pattern must be dry-run tested and published before push protection can be enabled for it
BThe pattern must be committed to .github/secret-scanning.yml
CThe pattern must be exported as an SBOM
DThe pattern must be added to the dependency graph

More Configure and use secret scanning Questions

29 questions

Full GitHub Advanced Security Practice Test

All topics covered

All GitHub Advanced Security Questions

Browse by topic

Related Questions

Which statement about secret scanning scope is correct?...

easy

For which repository type does secret scanning run automatically for free?...

easy

Which statement correctly describes push protection for users?...

medium

Which activity can repository push protection block when a supported secret is detected?...

medium

If a contributor bypasses repository push protection and chooses `I'll fix it later`, what alert sta...

medium
View all Configure and use secret scanning questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account