Microsoft GH-100 Exam Practice Test Instant Access

Question 1

Which Git operation is not included in the Git activity audit log?

ADelete branch

BFetch

CPush

DClone

Answer : A

Delete branch operations aren't tracked as Git-activity events; the Git activity audit log only records Git events such as clone, fetch (pull), and push.

Question 2

You need to contact GitHub Premium Support. What are valid reasons for submitting a support ticket? (Each answer presents a complete solution. Choose two.)

Alicense renewal

Bhardware setup issues or errors

Cbusiness impact from security issues within your organization

Doutages on GitHub.com affecting core Git functionality

Answer : C, D

Business-impact security issues (for example, a critical vulnerability affecting your organization) are classified as High-priority tickets and are covered under your Premium Support SLA.

Outages on GitHub.com that disrupt core Git or web application functionality trigger Urgent-priority responses under Premium Support's SLA.

Question 3

Which of the following correctly describes the difference between controlling actions at the enterprise level versus the organization level in GitHub?

AEnterprise policies and organization policies are independent, with organization policies taking precedence for repositories within the organization.

BEnterprise policies configure mandatory settings for organizations.

CEnterprise policies apply only to public repositories, while organization policies apply to public, internal, and private repositories.

DEnterprise policies can block specific actions, while organization policies can only enable or disable actions entirely.

Answer : B

Enterprise policies let you define and enforce mandatory settings across all member organizations - organization-level policies then operate within the options that the enterprise policy exposes.

Question 4

What additional capability does secret scanning offer for private repositories on GitHub Enterprise Cloud?

AAllows custom pattern definitions for internal secret formats.

BDisables any code that contains a secret.

CRewrites history to remove secrets.

DRevokes GitHub access tokens automatically.

Answer : A

Secret scanning in private repositories on GitHub Enterprise Cloud lets you define and use custom regular-expression patterns - so you can detect internal or proprietary secret formats beyond the default partner-provided types.

Question 5

You are planning GitHub account management for a healthcare organization with strict compliance requirements. Which THREE of the following statements accurately describe GitHub Enterprise Managed Users (EMU) accounts? (Choose three.)

AEMU accounts can be used for both personal and enterprise repositories.

BEMU accounts are managed through an identity provider such as Azure AD.

CEMU accounts allow users to create and manage their own credentials.

DEMU accounts restrict users to enterprise-related activities only

EEMU accounts are created and managed by individual users.

FEMU accounts are owned by the organization and cannot be unlinked.

Answer : B, D, F

Enterprise Managed User accounts are provisioned and authenticated exclusively through your identity provider (for example, AzureAD), so the IdP handles their creation, attribute updates, and deprovisioning.

Managed user accounts cannot create public content or interact with repositories outside your enterprise; they're confined to private and internal repos within the enterprise.

EMU accounts are owned and controlled by the enterprise (via the IdP) and cannot be converted into or unlinked as personal accounts outside that enterprise.

Question 6

An organization wants to share a single API key required for their Actions workflows. They need to restrict its use to only a subset of repositories. Where should they configure the secrets to minimize maintenance?

ARepository secrets

BEnvironment secrets

COrganization secrets

DDevelopment environment secrets

Answer : C

By defining the API key as an organization secret, you centralize management and can grant access only to the subset of repositories you choose - eliminating per-repo duplication while enforcing the desired scope.

Question 7

Which of the following are valid ways to pass data to a reusable workflow in a separate repository?

AUse environment variables to pass data directly to the reusable workflow.

BDefine inputs in the reusable workflow and pass values from the calling workflow.

CDefine the secrets in the caller repository and call the reusable workflow using the 'secrets' keyword.

DDefine the secrets in the reusable workflow's repository and reference the secret using the 'secrets' context.

Answer : B, C

You declare namedinputs in the reusable workflow's on.workflow_call block and then pass values from the caller using thewithkeyword, allowing the called workflow to consume those parameters.

You define required secrets in the caller repository and supply them to the reusable workflow via thesecretskeyword in the workflow-call step, ensuring sensitive values are securely passed.

Microsoft GitHub Administration GH-100 Exam Practice Test