GH-100 Free Practice Test

What benefit does GitHub Advanced Security provide?

1. A. helps organization administrators analyze and configure permissions to the least privilege required
2. B. helps developers improve and maintain the security and quality of code
3. C. helps enterprise administrators improve and maintain network security for their GitHub Enterprise Server instances
4. D. helps organization administrators manage security tokens

Correct Answer: B
GitHub Advanced Security equips developers with built‑in code scanning (CodeQL), secret scanning, dependency review, and other AppSec tools - helping them find, fix, and prevent security vulnerabilities while maintaining code quality.

How does Dependabot determine which security update PRs to open?

1. A. It waits for manual triage of all CVEs.
2. B. It uses the dependency graph and Dependabot alerts to open PRs for patched versions.
3. C. It reads the GitHub Issues and automatically suggests fixes.
4. D. It compares your codebase to the GitHub Trending list.

Correct Answer: B
Dependabot relies on your repository??s enabled Dependency Graph and Dependabot Alerts to identify vulnerable dependencies; it then automatically opens pull requests to update to the patched versions that resolve those alerts.