• Home
  • Articles
  • Validate your GH-100 Exam Preparation with GH-100 Practice Test (Online & Offline) [Q23-Q44]

Validate your GH-100 Exam Preparation with GH-100 Practice Test (Online & Offline) [Q23-Q44]

Share

Validate your GH-100 Exam Preparation with GH-100 Practice Test (Online & Offline)

Get all the Information About Microsoft GH-100 Exam 2026 Practice Test Questions

NEW QUESTION # 23
Which product's usage is not included in GitHub Enterprise Cloud's monthly metered billing report?

  • A. GitHub Packages storage
  • B. Git LFS bandwidth
  • C. GitHub Actions minutes
  • D. GitHub Discussions engagement

Answer: D

Explanation:
GitHubDiscussions engagement isn't a metered product and doesn't appear in the "Product billing" list, so its usage isn't included in the monthly metered billing report.


NEW QUESTION # 24
What additional capability does secret scanning offer for private repositories on GitHub Enterprise Cloud?

  • A. Revokes GitHub access tokens automatically.
  • B. Disables any code that contains a secret.
  • C. Rewrites history to remove secrets.
  • D. Allows custom pattern definitions for internal secret formats.

Answer: D

Explanation:
Secret scanning in private repositories on GitHub Enterprise Cloud lets you define and use custom regular-expression patterns - so you can detect internal or proprietary secret formats beyond the default partner-provided types.


NEW QUESTION # 25
You are an administrator and need to enforce a policy on forking private and internal repositories. Which options are available for configuring the policy at the enterprise level? (Each answer presents a complete solution. Choose three.)

  • A. Allow people who have access to private and internal repositories to fork these repositories.
  • B. Allow specific people or teams to fork private and internal repositories.
  • C. Disallow forking of private and internal repositories.
  • D. Disallow repository owners from administering the setting at the repository level.
  • E. Allow organization owners to administer the setting at the organization level.

Answer: A,C,E

Explanation:
You can configure the enterprise policy toallow organization owners to administer the forking setting at the organization level, giving them control over how repos fork within their orgs.
You can choose toallow any user who already has access to a private or internal repo to fork it.
You can also set the policy tonever allow forkingof private or internal repositories across all organizations.


NEW QUESTION # 26
Which THREE of the following accurately describe how the SCIM protocol enhances user management in GitHub Enterprise Cloud? (Choose three.)

  • A. SCIM deactivates GitHub accounts when users are deleted from the identity provider.
  • B. SCIM generates authentication tokens for accessing GitHub's REST API.
  • C. SCIM synchronizes changes to user attributes from the identity provider to GitHub.
  • D. SCIM configures repository permissions based on user roles within the organization.
  • E. SCIM automatically deletes organization repositories when administrators are removed.
  • F. SCIM automates user provisioning when new users are added to the identity provider.

Answer: A,C

Explanation:
SCIM automatically updates a user's account on GitHub whenever their profile attributes change in the identity provider.
When a user is removed or deactivated in the IdP, SCIM deactivates (soft-deprovisions) their GitHub account and disables access.
SCIM provisions new GitHub Enterprise Cloud accounts automatically when users are added in the identity provider.


NEW QUESTION # 27
What benefit does GitHub Advanced Security provide?

  • A. helps developers improve and maintain the security and quality of code
  • B. helps organization administrators analyze and configure permissions to the least privilege required
  • C. helps organization administrators manage security tokens
  • D. helps enterprise administrators improve and maintain network security for their GitHub Enterprise Server instances

Answer: A

Explanation:
GitHub Advanced Security equips developers with built-in code scanning (CodeQL), secret scanning, dependency review, and other AppSec tools - helping them find, fix, and prevent security vulnerabilities while maintaining code quality.


NEW QUESTION # 28
Which feature is unique to self-hosted runners?

  • A. GPU support
  • B. Execute scripts before and after a job
  • C. Automatic updates to the operating system
  • D. Dynamic scaling

Answer: B

Explanation:
Self-hosted runners support custom pre- and post-job scripts via runner hooks, letting you run arbitrary scripts before a job starts and after it finishes - capabilities not available on GitHub-hosted runners.


NEW QUESTION # 29
You have subscribed to GitHub Premium Support, and you need to submit a support ticket. GitHub Premium Support can help you with:

  • A. integrating with third-party applications.
  • B. writing scripts.
  • C. installing GitHub Enterprise Server.
  • D. setting up hardware.

Answer: C

Explanation:
GitHub Premium Support includes assistance with installing and using GitHub Enterprise Server, ensuring your deployment is configured correctly and any installation issues are resolved.


NEW QUESTION # 30
Which of the following accurately contrasts a GitHub App and a GitHub Action?

  • A. GitHub Apps run only on GitHub-provided virtual machines, while GitHub Actions run only on customer-hosted machines
  • B. GitHub Actions can only be used to respond to events within a single repository while GitHub Apps can respond to events from multiple repositories
  • C. GitHub Actions are limited to reading repository content only
  • D. GitHub Apps can only be used inside .github/workflows

Answer: B

Explanation:
GitHub Actions workflows are defined and triggered within a single repository's context, whereas GitHub Apps are installed at the organization or user level and can subscribe to events across multiple repositories.


NEW QUESTION # 31
What distinguishes Enterprise Managed Users (EMUs) from standard GitHub accounts?

  • A. EMUs are only available for GitHub Enterprise Server
  • B. EMUs can only be created using email invites
  • C. EMUs are managed in GitHub and use GitHub authentication
  • D. EMUs are fully controlled by an IdP and cannot log in with personal credentials

Answer: D

Explanation:
EMU accounts are provisioned and authenticated exclusively through your identity provider - users sign in via the IdP and cannot use or manage GitHub-native credentials.


NEW QUESTION # 32
Which practice helps avoid service disruption when consuming GitHub APIs at scale?

  • A. Ignoring secondary rate limits
  • B. Caching all API responses permanently
  • C. Designing your application to work within GitHub's rate limits
  • D. Using multiple tokens to bypass limits

Answer: C

Explanation:
Designing your integration to stay within GitHub's documented rate limits-by batching requests, using conditional requests, handling 429 responses with back-off, and monitoring the X-RateLimit-* headers - ensures you won't be temporarily throttled or cut off when you hit secondary limits.


NEW QUESTION # 33
What do you need to successfully generate a support bundle on a GitHub Enterprise Server?

  • A. A custom GitHub Action in the root repo
  • B. Administrator SSH access to the appliance
  • C. A GitHub App with read:org permissions
  • D. Approval from GitHub Support

Answer: B

Explanation:
You must have administrator-level SSH access to the GitHub Enterprise Server appliance so you can run the ghe-support-bundle command over SSH and capture the bundle locally.


NEW QUESTION # 34
Which of the following are valid ways to pass data to a reusable workflow in a separate repository?

  • A. Use environment variables to pass data directly to the reusable workflow.
  • B. Define the secrets in the reusable workflow's repository and reference the secret using the 'secrets' context.
  • C. Define inputs in the reusable workflow and pass values from the calling workflow.
  • D. Define the secrets in the caller repository and call the reusable workflow using the 'secrets' keyword.

Answer: C,D

Explanation:
You declare namedinputs in the reusable workflow's on.workflow_call block and then pass values from the caller using thewithkeyword, allowing the called workflow to consume those parameters.
You define required secrets in the caller repository and supply them to the reusable workflow via thesecretskeyword in the workflow-call step, ensuring sensitive values are securely passed.


NEW QUESTION # 35
You are planning GitHub account management for a healthcare organization with strict compliance requirements. Which THREE of the following statements accurately describe GitHub Enterprise Managed Users (EMU) accounts? (Choose three.)

  • A. EMU accounts are owned by the organization and cannot be unlinked.
  • B. EMU accounts restrict users to enterprise-related activities only
  • C. EMU accounts are managed through an identity provider such as Azure AD.
  • D. EMU accounts can be used for both personal and enterprise repositories.
  • E. EMU accounts are created and managed by individual users.
  • F. EMU accounts allow users to create and manage their own credentials.

Answer: A,B,C

Explanation:
Enterprise Managed User accounts are provisioned and authenticated exclusively through your identity provider (for example, AzureAD), so the IdP handles their creation, attribute updates, and deprovisioning.
Managed user accounts cannot create public content or interact with repositories outside your enterprise; they're confined to private and internal repos within the enterprise.
EMU accounts are owned and controlled by the enterprise (via the IdP) and cannot be converted into or unlinked as personal accounts outside that enterprise.


NEW QUESTION # 36
Your organization is implementing team synchronization. Which of the following should you prioritize during the setup process?

  • A. Disabling the audit log stream
  • B. Setting an infrequent sync schedule to reduce performance impact
  • C. Allowing manual updates to team memberships
  • D. Clearly define how identity provider groups will align with GitHub teams and roles

Answer: D

Explanation:
Before you enable team synchronization, you should clearly define how groups in your identity provider will map to GitHub teams and roles - ensuring that when the sync runs, users land in the correct teams with the right permissions.


NEW QUESTION # 37
Why is a GitHub App preferred over a PAT for machine authentication?

  • A. PATs cannot be used in GitHub Actions
  • B. GitHub Apps are required to pass SAML assertions
  • C. PATs support fewer GitHub APIs than Apps
  • D. GitHub Apps have time-limited installation tokens with scoped access

Answer: D

Explanation:
GitHub Apps issue short-lived installation tokens that you scope to only the permissions and repositories your automation needs, reducing blast radius and automatically rotating credentials.


NEW QUESTION # 38
Which of the following is a key benefit of setting default read permissions across organizations?

  • A. Suits environments where all users need write access.
  • B. Enhances security by minimizing unintended modifications.
  • C. Increases efficiency in content creation and updates.
  • D. Improves collaboration by allowing users to modify content directly.

Answer: B

Explanation:
Enforcing a default of Read for organization members ensures they can view content without the ability to push changes, reducing the risk of accidental or unauthorized modifications.


NEW QUESTION # 39
What will happen if Dependabot discovers a vulnerable transitive dependency in a repository?

  • A. It automatically removes the package from the repository.
  • B. It sends an email to the repository owner but does not alter code.
  • C. It creates a pull request to update the direct dependency to a version that resolves the vulnerability.
  • D. It opens a pull request to update the affected package directly, regardless of version compatibility.

Answer: C

Explanation:
Dependabot will automatically open a pull request that updates the direct dependency to a version which, in turn, resolves (or removes) the vulnerable transitive dependency-ensuring the fix is applied via your declared dependencies.


NEW QUESTION # 40
What is the potential consequence of enabling multiple rulesets that apply to the same branch in a repository?

  • A. Only the most recently created ruleset will be enforced
  • B. Rulesets will override each other, leading to unpredictable behavior
  • C. All applicable rulesets will be evaluated, and their combined rules enforced
  • D. Only organization-level rulesets are enforced over repository-level ones

Answer: C

Explanation:
If you enable multiple rulesets that target the same branch, GitHub will evaluateevery matching ruleset and enforce the aggregate of their rules - so all constraints from all applicable rulesets apply.


NEW QUESTION # 41
A token was used to access an organization's resource via API. What fields in the audit log help determine who used it?

  • A. The token ID, requesting IP address, and associated user
  • B. The GitHub Actions runner name
  • C. The token's permissions and the geographic region of access
  • D. The token expiration date

Answer: A

Explanation:
The audit log records the token's identifier (the hashed_token value), the source IP address of the request, and the actor (the user or app) associated with that token, allowing you to trace exactly who used it.


NEW QUESTION # 42
Which of the following GitHub token types supports fine-grained repository permissions AND is recommended for CI/CD automation?

  • A. Device Tokens
  • B. Personal Access Tokens (PATs)
  • C. OAuth tokens
  • D. GitHub App Installation Access Tokens

Answer: D

Explanation:
GitHub App Installation Access Tokens are privileged to the exact permissions you grant the App - down to individual repositories - and rotate automatically, making them the recommended choice for CI/CD automation workflows that demand least-privilege, fine-grained access.


NEW QUESTION # 43
What is a key characteristic of GitHub Enterprise Server (GHES) compared to GitHub Enterprise Cloud (GHEC)?

  • A. GHEC offers data residency options in regions that GHES does not support.
  • B. GHES allows enterprises to have complete control over their hosting environment, including data storage and network security policies.
  • C. GHES is hosted by GitHub and offers automatic scaling, while GHEC requires self-hosting.
  • D. GHES users cannot integrate with external identity providers for authentication.

Answer: B

Explanation:
GitHub Enterprise Server is a self-hosted product you install and manage on your own infrastructure - giving you full control over data storage, network security policies, and the underlying environment.


NEW QUESTION # 44
......

Check Real Microsoft GH-100 Exam Question for Free (2026): https://pass4sure.testvalid.com/GH-100-valid-exam-test.html

Related Articles

more
Microsoft GH-100 Certification Practice Exam

Copyright © 2026 TestValid NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy