Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
1 parent 1c11c7c, commit 3aa59f1
Showing 6 changed files with 72 additions and 0 deletions.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
--- | ||
archetype: "questions" | ||
title: "Question 042" | ||
question: "Which of these isn't true about secret scanning?" | ||
draft: false | ||
--- | ||
|
||
> https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning | ||
1. [x] Secret scanning is a tool for secure secret storage and management. | ||
1. [ ] Secret scanning will scan your entire Git history on all branches present in your GitHub repository for secrets. | ||
1. [ ] Secret scanning will scan titles, descriptions, and comments, in open and closed historical issues. | ||
1. [ ] Secret scanning can prevent supported secrets from being pushed into your enterprise, organization, or repository. |
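Review bot: every option in this file is numbered `1.` while the other five question files in this commit number their options `1.` through `4.`; use sequential numbers here for consistency. The front-matter key order also differs: `archetype` and `title` come before `question` in this file, whereas the other files put `question` first.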
@@ -0,0 +1,12 @@ | ||
--- | ||
question: "Which top-level keys are required in the `dependabot.yml` file?" | ||
archetype: "questions" | ||
title: "Question 043" | ||
draft: false | ||
--- | ||
|
||
> https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#about-the-dependabotyml-file | ||
1. [x] `version` and `updates` | ||
2. [ ] `version` and `package-ecosystem` | ||
3. [ ] `assignees` and `directory` | ||
4. [ ] `updates` and `directory` |
@@ -0,0 +1,12 @@ | ||
--- | ||
question: "Which GitHub Actions can be used to upload a third-party SARIF file?" | ||
archetype: "questions" | ||
title: "Question 044" | ||
draft: false | ||
--- | ||
|
||
> https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github#uploading-a-code-scanning-analysis-with-github-actions | ||
1. [x] `upload-sarif` | ||
2. [ ] `codeql-upload-sarif` | ||
2. [ ] `github/codeql-action` | ||
3. [ ] `actions/upload-sarif` |
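Review bot: the options are numbered 1, 2, 2, 3, so the third item duplicates `2.`; renumber them 1 through 4. The marked answer `upload-sarif` is also hard to tell apart from the distractor `github/codeql-action`, since the upload action ships from that repository; writing the answer as the full action reference `github/codeql-action/upload-sarif` would make the single correct choice unambiguous.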
@@ -0,0 +1,12 @@ | ||
--- | ||
question: "Which of the following tools can be used for code analysis in a third-party CI system to upload results to GitHub?" | ||
archetype: "questions" | ||
title: "Question 045" | ||
draft: false | ||
--- | ||
|
||
> https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system#about-using-code-scanning-with-your-existing-ci-system | ||
1. [x] CodeQL CLI | ||
2. [ ] CodeQL API | ||
2. [ ] GitHub Actions `github/codeql-action` | ||
3. [ ] GitHub CLI |
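Review bot: the numbering runs 1, 2, 2, 3 here as well; renumber the options 1 through 4 so the duplicated `2.` does not misrender the list.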
@@ -0,0 +1,12 @@ | ||
--- | ||
question: "What is required for a CI server to upload results to GitHub?" | ||
archetype: "questions" | ||
title: "Question 046" | ||
draft: false | ||
--- | ||
|
||
> https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system#generating-a-token-for-authentication-with-github | ||
1. [x] A GitHub App or personal access token with `security_events` write permission. | ||
2. [ ] A direct connection to the GitHub Advisory Database. | ||
2. [ ] Administrator access to the GitHub repository. | ||
3. [ ] A special plugin installed in the CI system. |
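Review bot: same duplicated `2.` numbering as in the other files added by this commit; renumber the options 1 through 4. The answer line itself matches the linked token section, naming a GitHub App or personal access token with `security_events` write permission.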
@@ -0,0 +1,12 @@ | ||
--- | ||
question: "In the context of uploading SARIF results to GitHub, what happens when a second SARIF results file is uploaded for a commit?" | ||
archetype: "questions" | ||
title: "Question 047" | ||
draft: false | ||
--- | ||
|
||
> https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system#generating-a-token-for-authentication-with-github | ||
1. [x] It replaces the original set of data. | ||
2. [ ] It appends the results to the existing file. | ||
2. [ ] It creates a new branch in the repository | ||
3. [ ] It is ignored by GitHub. |
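Review bot: the reference URL ends in the `#generating-a-token-for-authentication-with-github` anchor, the same link used for Question 046, which does not cover what this question asks (what happens when a second SARIF file is uploaded for a commit); point it at the section of that page that describes uploading results instead. Also renumber the duplicated `2.` to 1 through 4 and add the missing trailing period on `It creates a new branch in the repository` for consistency with the other options.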