Question 1

What types of vulnerabilities can CodeQL identify?

Options :

A : Race conditions

B : Syntax errors

C : Cross-site scripting (XSS)

D : SQL injections

E : Memory leaks

F : Buffer overflows

Answer: C,D,F

Question 2

Which of the following statements most accurately describes push protection for secret scanning custom patterns?

Options :

A : Push protection must be enabled for all, or none, of a repository's custom patterns.

B : Push protection is an opt-in experience for each custom pattern.

C : Push protection is not available for custom patterns.

D : Push protection is enabled by default for new custom patterns.

Answer: B

Question 3

When configuring GitHub Advanced Security, what should administrators focus on for comprehensive coverage?

Options :

A : The frequency of code updates

B : The programming languages used

C : The number of contributors

D : The size of the codebase

Answer: B

Question 4

What type of security issues is CodeQL most effective at identifying?

Options :

A : Complex security vulnerabilities

B : Performance bottlenecks

C : Basic syntax errors

D : User interface flaws

Answer: A

Question 5

What is the purpose of creating a CodeQL database?

Options :

A : To archive older versions of the code

B : To manage access permissions to the code

C : To store query results

D : To facilitate semantic analysis of code

Answer: D