GitHub Exam GitHub-Advanced-Security Topic 4 Question 4 Discussion

Actual exam question for GitHub's GitHub-Advanced-Security exam

Question #: 4
Topic #: 4

[All GitHub-Advanced-Security Questions]

-- [Configure and Use Secret Scanning]

Which of the following secret scanning features can verify whether a secret is still active?

APush protection

BValidity checks

CBranch protection

DCustom patterns

Show Suggested Answer

Suggested Answer: B

Validity checks, also called secret validation, allow GitHub to check if a detected secret is still active. If verified as live, the alert is marked as 'valid', allowing security teams to prioritize the most critical leaks.

Push protection blocks secrets but does not check their validity. Custom patterns are user-defined and do not include live checks.

by Rebbeca at May 01, 2025, 04:15 AM

Limited Time Offer

25%

Off

Get Premium GitHub-Advanced-Security Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Gerri

9 days ago

D) Custom patterns - I'm not sure if that would verify active secrets, but it's an interesting option.

upvoted 0 times

...

Cristy

15 days ago

I think the answer is B) Validity checks.

upvoted 0 times

...

Charlette

18 days ago

B) Validity checks - makes sense, this would be the feature to verify if a secret is still active.

upvoted 0 times

...