Microsoft GH-100 Exam Questions Instant Access

Question 1

Which of the following is the responsibility of a Team Maintainer in a GitHub organization? (Choose two.)

AModifying organization-wide settings.

BManaging nested sub-teams.

CAdding or removing team members.

DDeleting repositories assigned to the team.

Answer : B, C

Team maintainers can manage nested sub-teams - requesting to add or change parent/child teams within the organization's hierarchy.

Team maintainers have permission to add and remove members from their team, controlling day-to-day team membership.

Question 2

You want to ensure a secret is automatically available to only workflows in internal and private repositories in the organization. Where do you configure the required access policy?

AActions policies

BRunner groups

CRulesets

DOrganization secret

Answer : D

You set the access policy on the Organization Secret itself - configuring its visibility so it's scoped automatically to only internal and private repositories.

Question 3

What needs to be done to ensure that only specific repositories can access the runners in an organization runner group?

AUse GitHub's meta API to configure access.

BAdd a label to the runner group.

CConfigure repository access in the runner group settings.

DConfigure the Actions Policies to 'Only selected repositories'.

Answer : C

In the organization's runner group settings, switch the access from ''All repositories'' to ''Selected repositories'' and then explicitly choose which repos may use those runners.

Question 4

Which of the following are valid ways to pass data to a reusable workflow in a separate repository?

AUse environment variables to pass data directly to the reusable workflow.

BDefine inputs in the reusable workflow and pass values from the calling workflow.

CDefine the secrets in the caller repository and call the reusable workflow using the 'secrets' keyword.

DDefine the secrets in the reusable workflow's repository and reference the secret using the 'secrets' context.

Answer : B, C

You declare namedinputs in the reusable workflow's on.workflow_call block and then pass values from the caller using thewithkeyword, allowing the called workflow to consume those parameters.

You define required secrets in the caller repository and supply them to the reusable workflow via thesecretskeyword in the workflow-call step, ensuring sensitive values are securely passed.

Question 5

You are using GitHub-hosted runners and need to securely deploy to an internal system. The security team requires that these runners use IP address ranges that would not be shared with other companies. Which of the following approaches would meet their requirements?

AGitHub-hosted larger runners with Azure private networking

BGitHub-hosted standard runners, using the IP addresses provided in 'actions' from https://api.github.com/meta

CGitHub-hosted standard runners, using the IP addresses provided in 'api' from https://api.github.com/meta

DGitHub-hosted larger runners with static IP addresses

Answer : D

GitHub's larger runners let you reserve dedicated static IP addresses for your workflows - so you can allow-list those IPs in your firewall and be sure they aren't shared with any other tenant.

Question 6

In a GitHub repository using Dependabot, which of the following best describes the purpose of the .github/dependabot.yml file?

AIt configures scheduling, package ecosystems, and target directories for update checks.

BIt lists commit SHAs to exclude from automatic pull requests.

CIt enables GitHub to scan for secrets in dependency files.

DIt encrypts dependency versions before storing them in the repo.

Answer : A

The .github/dependabot.yml file defines Dependabot's package-ecosystem, the directories to inspect, and the update schedule (daily/weekly/monthly), controlling when and where Dependabot checks for new versions.

Question 7

How does metered billing work in GitHub Enterprise Cloud with Enterprise Managed Users (EMU)?

ABilling is based on number of total users in the enterprise

BBilling is based on owners and members of GitHub organizations

CBilling is based on total users in the enterprise that are not dormant

DBilling is based on the number of users created in Azure AD

Answer : A

Billing for GitHub Enterprise Cloud under metered (usage-based) billing is calculated by the total number of Enterprise Managed Users (and other license-consuming accounts) in your enterprise - each EMU consumes a seat and contributes to the monthly bill.

Microsoft GitHub Administration GH-100 Exam Questions