Exam GitHub-Advanced-Security Topic 4 Question 1 Discussion

Actual exam question for GitHub's GitHub-Advanced-Security exam
Question #: 1
Topic #: 4
Which of the following tasks can be performed by a security team as a proactive measure to help address secret scanning alerts? (Each answer presents a complete solution. Choose two.)

Suggested Answer: B,D Vote an answer

To proactively address secret scanning:
* Webhookscan be configured to listen for secret scanning events. This allows automation, logging, or alerting in real-time when secrets are detected.
* Documenting secure development practices(like using environment variables or secret managers) helps reduce the likelihood of developers committing secrets in the first place.
Dismissal based on age is not a best practice without triage. SCIM deals with user provisioning, not scanning alerts.

by Violet at Jun 28, 2025, 11:49 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10