Microsoft GH-100 Exam Questions Instant Access

Question 1

What benefit does GitHub Advanced Security provide?

Ahelps organization administrators analyze and configure permissions to the least privilege required

Bhelps developers improve and maintain the security and quality of code

Chelps enterprise administrators improve and maintain network security for their GitHub Enterprise Server instances

Dhelps organization administrators manage security tokens

Answer : B

GitHub Advanced Security equips developers with built-in code scanning (CodeQL), secret scanning, dependency review, and other AppSec tools - helping them find, fix, and prevent security vulnerabilities while maintaining code quality.

Question 2

Which of the following accurately contrasts a GitHub App and a GitHub Action?

AGitHub Apps can only be used inside .github/workflows

BGitHub Actions are limited to reading repository content only

CGitHub Apps run only on GitHub-provided virtual machines, while GitHub Actions run only on customer-hosted machines

DGitHub Actions can only be used to respond to events within a single repository while GitHub Apps can respond to events from multiple repositories

Answer : D

GitHub Actions workflows are defined and triggered within a single repository's context, whereas GitHub Apps are installed at the organization or user level and can subscribe to events across multiple repositories.

Question 3

When comparing Group SCIM to Team Sync for identity management in GitHub Enterprise, which statement is Correct?

AGroup SCIM requires less initial configuration than Team Sync.

BTeam Sync supports more identity providers than Group SCIM.

CTeam Sync provides more automated user deprovisioning than Group SCIM.

DGroup SCIM enables centralized user and group management through the IdP.

Answer : D

GroupSCIM lets you manage both user accounts and group memberships centrally in your identity provider - automatically provisioning, updating, and deprovisioning users and groups in GitHub - whereas TeamSync only mirrors IdP group membership into existing GitHub teams.

Question 4

Which Git operation is not included in the Git activity audit log?

ADelete branch

BFetch

CPush

DClone

Answer : A

Delete branch operations aren't tracked as Git-activity events; the Git activity audit log only records Git events such as clone, fetch (pull), and push.

Question 5

Why would someone choose to configure a security policy?

ATo communicate corporate security and compliance policies for end users on a private repository.

BTo provide information on an open source repository for open source collaborators and researchers that may need to report and disclose sensitive security findings to maintainers securely.

CTo prevent anyone from pushing to the repository without approval.

DTo define which open source packages are permitted for use as part of that repository.

Answer : B

A security policy (the SECURITY.md file) lets maintainers of an open source repository provide clear, private instructions for collaborators and external researchers on how to report and disclose security vulnerabilities responsibly.

Question 6

Why is a GitHub App preferred over a PAT for machine authentication?

AGitHub Apps are required to pass SAML assertions

BGitHub Apps have time-limited installation tokens with scoped access

CPATs cannot be used in GitHub Actions

DPATs support fewer GitHub APIs than Apps

Answer : B

GitHub Apps issue short-lived installation tokens that you scope to only the permissions and repositories your automation needs, reducing blast radius and automatically rotating credentials.

Question 7

What distinguishes Enterprise Managed Users (EMUs) from standard GitHub accounts?

AEMUs are fully controlled by an IdP and cannot log in with personal credentials

BEMUs can only be created using email invites

CEMUs are managed in GitHub and use GitHub authentication

DEMUs are only available for GitHub Enterprise Server

Answer : A

EMU accounts are provisioned and authenticated exclusively through your identity provider - users sign in via the IdP and cannot use or manage GitHub-native credentials.

Microsoft GitHub Administration GH-100 Exam Questions