Question 1

What is an effective method for managing access to sensitive data in a GitHub repository?

Options :

A : Allow access to all team members

B : Grant access based on role and necessity

C : Use a public repository for transparency

D : Restrict access using branch protection rules

Answer: B

Question 2

What does "Reference a CodeQL query" typically involve?

Options :

A : Linking to an external query database

B : Selecting a query from the CodeQL library

C : Writing a custom query for specific analysis

D : Integrating third-party analysis tools

Answer: B

Question 3

What types of vulnerabilities can CodeQL identify?

Options :

A : Race conditions

B : Syntax errors

C : Cross-site scripting (XSS)

D : SQL injections

E : Memory leaks

F : Buffer overflows

Answer: C,D,F

Question 4

When using CodeQL, how does extraction for compiled languages work?

Options :

A : By generating one language at a time

B : By resolving dependencies to give an accurate representation of the codebase

C : By monitoring the normal build process

D : By running directly on the source code

Answer: C

Question 5

What is the main function of the QL language in CodeQL?

Options :

A : To define database schemas

B : To manage repository settings

C : To automate build processes

D : To write queries for code analysis

Answer: D