A financial services company is evaluating GitHub account types. Which of the following is a key distinction between GitHub Enterprise Managed Users and Personal Accounts?
Correct Answer:
B
Personal Accounts are owned and controlled by individual users and can serve both their personal projects and professional work, whereas Enterprise Managed Users exist solely within the enterprise context and cannot be used for personal repositories.
What is the key benefit of using a GitHub security advisory within a repository?
Correct Answer:
B
GitHub security advisories let maintainers privately disclose, discuss fixes, and then publish vulnerabilities in a controlled manner within the repository.
You need GitHub to automatically notify a third-party service any time a new repository is created. You want to avoid writing custom code. The vendor has told you that they have a tool in the GitHub Marketplace. Which type of tool do you need?
Correct Answer:
A
You need a GitHub App. Marketplace integrations that listen for events like repository.created and send notifications are delivered as GitHub Apps, since they can subscribe to organization#level webhooks without you writing custom code.
What is the potential consequence of enabling multiple rulesets that apply to the same branch in a repository?
Correct Answer:
B
If you enable multiple rulesets that target the same branch, GitHub will evaluate every matching ruleset and enforce the aggregate of their rules - so all constraints from all applicable rulesets apply.
Which events from the audit log are exposed by the GraphQL API? Each answer presents a complete solution. (Choose three.)
Correct Answer:
ABD
The GraphQL Audit Log API surfaces entries whenever repository or organization permissions are changed ("Changes permissions").
It records when users are elevated to administrative roles ("Promotes users to admin").
It logs alterations to a GitHub App's granted permissions ("Changes permissions of a GitHub App").
