GitHub Exam GitHub-Advanced-Security Topic 3 Question 7 Discussion

Actual exam question for GitHub's GitHub-Advanced-Security exam

Question #: 7
Topic #: 3

[All GitHub-Advanced-Security Questions]

-- [Configure and Use Secret Scanning]

Which of the following secret scanning features can verify whether a secret is still active?

APush protection

BValidity checks

CBranch protection

DCustom patterns

Show Suggested Answer

Suggested Answer: B

Validity checks, also called secret validation, allow GitHub to check if a detected secret is still active. If verified as live, the alert is marked as 'valid', allowing security teams to prioritize the most critical leaks.

Push protection blocks secrets but does not check their validity. Custom patterns are user-defined and do not include live checks.

by Luisa at Jun 14, 2025, 02:13 PM

Limited Time Offer

25%

Off

Get Premium GitHub-Advanced-Security Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Lindsey

2 months ago

I'm not sure, but I think it might be D) Custom patterns.

upvoted 0 times

...

Delila

2 months ago

Wait, is this a trick question? I mean, who needs validity checks when you can just ask the secrets themselves if they're still active? *winks at the camera*

upvoted 0 times

...

3 months ago

Ooh, validity checks? That's a feature I haven't heard of before. Sounds like it could really come in handy to make sure those secrets are still good to go!

upvoted 0 times