Pass the Microsoft GitHub Administrator GH-100 Questions and answers with CertsForce

The Dependency Graph continuously analyzes your repository’s manifest and lock files to build an inventory of direct and transitive dependencies and flags any that match entries in the GitHub Advisory Database, surfacing known vulnerabilities.

GitHub Premium Support includes assistance with installing and using GitHub Enterprise Server, ensuring your deployment is configured correctly and any installation issues are resolved.

Enforcing a default of Read for organization members ensures they can view content without the ability to push changes, reducing the risk of accidental or unauthorized modifications.

Delete branch operations aren’t tracked as Git-activity events; the Git activity audit log only records Git events such as clone, fetch (pull), and push.

The revamped Billing & Licensing dashboard now includes a dedicated “Copilot” tab that shows per‑user seat assignments, usage counts, and estimated costs for your organization’s GitHub Copilot licenses, enabling you to track Copilot consumption by individual users.

Revoke and/or rotate the exposed credentials immediately so they can no longer be used - this is the critical first step before you undertake any history‑rewriting or cleanup.

Users granted Write permission can push commits to non‑protected branches, allowing them to update code without needing administrative rights.

CodeQL differs from traditional static analysis tools by ingesting your code into a queryable database and letting you write QL queries - its own database‑style language - to express semantic checks and find patterns across the codebase.

You need a GitHub App. Marketplace integrations that listen for events like repository.created and send notifications are delivered as GitHub Apps, since they can subscribe to organization‑level webhooks without you writing custom code.

The audit log records the token’s identifier (the hashed_token value), the source IP address of the request, and the actor (the user or app) associated with that token, allowing you to trace exactly who used it.