Microsoft GH-500 Actual Free Exam Questions & Community Discussion

Exam Code/Number: GH-500
Exam Name/Title: GitHub Advanced Security
Certification Provider: Microsoft
Corresponding Certification: GitHub Administrator

Exam Questions: 125
Updated On: Jun 02, 2026

Question #25

A secret scanning alert should be closed as "used in tests" when a secret is:

A. not a secret in the production environment.

B. in the readme.md file.

C. in a test file.

D. solely used for tests.

Discussion 0

Correct Answer: D Vote an answer

Explanation: Only visible for EduDump members. You can sign-up / login (it's free).

Question #26

By default, who will receive an e-mail when a secret has been detected in a repository? Each answer presents a complete solution. (Choose two.)

A. security analyst

B. users with the Admin repository role

C. user who committed the secret

D. users with the Write repository role

E. users with the Maintain repository role

Discussion 0

Correct Answer: B,C Vote an answer

Explanation: Only visible for EduDump members. You can sign-up / login (it's free).

Question #27

The autobuild step in the CodeQL workflow has failed. What should you do?

A. Use CodeQL, which implicitly detects the supported languages in your code base.

B. Compile the source code.

C. Remove specific build steps.

D. Remove the autobuild step from your code scanning workflow and add specific build steps.

Discussion 0

Correct Answer: D Vote an answer

Explanation: Only visible for EduDump members. You can sign-up / login (it's free).

Question #28

Which security feature shows a vulnerable dependency in a pull request?

A. Dependabot alert

B. dependency review

C. dependency graph

D. the repository's Security tab

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for EduDump members. You can sign-up / login (it's free).

Question #29

If default code security settings have not been changed at the repository, organization, or enterprise level, which repositories receive Dependabot alerts?

A. repositories owned by an organization

B. none

C. private repositories

D. repositories owned by an enterprise account

Discussion 0

Correct Answer: B Vote an answer

Explanation: Only visible for EduDump members. You can sign-up / login (it's free).

Question #30

A colleague ignores a code scanning alert. What are the implications of the colleague's action?
Each answer presents part of the solution. (Choose three.)

A. Sensitive information could be leaked.

B. GitHub removes the alert after sixty days.

C. Data could be used insecurely.

D. Webhooks and the code scanning API remove the alert.

E. A dangerous argument could be passed to functions.

Discussion 0

Correct Answer: A,C,E Vote an answer

Explanation: Only visible for EduDump members. You can sign-up / login (it's free).

Question #31

Which of the following dependencies could trigger a Dependabot alert? Each answer presents a complete solution. (Choose two.)

A. direct dependencies at 08:00 UTC

B. loose dependencies declared in a manifest

C. direct dependencies explicitly declared in a manifest

D. indirect dependencies explicitly declared in a lockfile

Discussion 0

Correct Answer: C,D Vote an answer

Explanation: Only visible for EduDump members. You can sign-up / login (it's free).

Question #32

What role is required to change a repository's code scanning severity threshold that fails a pull request status check?

A. Triage

B. Admin

C. Write

D. Maintain

Discussion 0

Correct Answer: C Vote an answer

Explanation: Only visible for EduDump members. You can sign-up / login (it's free).

Download Free Microsoft GH-500 Demo

Simply submit your e-mail address below to get started with our free demo of your Microsoft GH-500 exam.