Microsoft GH-500 Exam - Topic 4 Question 11 Discussion

Actual exam question for Microsoft's GH-500 exam

Question #: 11
Topic #: 4

[All GH-500 Questions]

-- [Configure GitHub Advanced Security Tools in GitHub Enterprise]

What step is required to run a SARIF-compatible (Static Analysis Results Interchange Format) tool on GitHub Actions?

AUpdate the workflow to include a final step that uploads the results.

BBy default, the CodeQL runner automatically uploads results to GitHub on completion.

CThe CodeQL action uploads the SARIF file automatically when it completes analysis.

DUse the CLI to upload results to GitHub.

Show Suggested Answer

Suggested Answer: A

When using a SARIF-compatible tool within GitHub Actions, it's necessary to explicitly add a step in your workflow to upload the analysis results. This is typically done using the upload-sarif action, which takes the SARIF file generated by your tool and uploads it to GitHub for processing and display in the Security tab. Without this step, the results won't be available in GitHub's code scanning interface.

by Rory at Mar 05, 2026, 03:30 AM

Limited Time Offer

25%

Off

Get Premium GH-500 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!