Question 1

When should sensitive data policies be reviewed and updated in GitHub?

Options :

A : Annually

B : When new team members join

C : When new features are added to GitHub

D : When new features are added to GitHub

E : After every major project milestone

F : If there are changes in compliance laws

Answer: D,E,F

Question 2

Assuming that notification settings and Dependabot alert recipients have not been customized,

which user account setting should you use to get an alert when a vulnerability is detected in one of

your repositories?

Options :

A : Enable all in existing repositories

B : Enable by default for new public repositories

C : Enable all for Dependabot alerts

D : Enable all for Dependency graph

Answer: C

Question 3

What is the primary goal of Dependabot security updates in GitHub?

Options :

A : To increase code deployment speed

B : To enhance the repository-s SEO

C : To keep dependencies secure and up-to-date

D : To automate the code review process

Answer: C

Question 4

What is a key advantage of using CodeQL for security analysis?

Options :

A : It is faster than manual code review

B : It reduces the need for code testing

C : It automatically fixes vulnerabilities

D : It can detect complex security vulnerabilities

Answer: D

Question 5

How does GitHub Advanced Security aid in responding to security alerts?

Options :

A : By automatically resolving all alerts

B : By providing tools to assess and address the alerts

C : By outsourcing alert management to a third party

D : By ignoring insignificant alerts

Answer: B