diff --git a/content/questions/advanced_security/question-042.md b/content/questions/advanced_security/question-042.md new file mode 100644 index 00000000..cac09b97 --- /dev/null +++ b/content/questions/advanced_security/question-042.md @@ -0,0 +1,12 @@ +--- +archetype: "questions" +title: "Question 042" +question: "Which of these isn't true about secret scanning?" +draft: false +--- + +> https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning +1. [x] Secret scanning is a tool for secure secret storage and management. +1. [ ] Secret scanning will scan your entire Git history on all branches present in your GitHub repository for secrets. +1. [ ] Secret scanning will scan titles, descriptions, and comments, in open and closed historical issues. +1. [ ] Secret scanning can prevent supported secrets from being pushed into your enterprise, organization, or repository. diff --git a/content/questions/advanced_security/question-043.md b/content/questions/advanced_security/question-043.md new file mode 100644 index 00000000..e2c40b29 --- /dev/null +++ b/content/questions/advanced_security/question-043.md @@ -0,0 +1,12 @@ +--- +question: "Which top-level keys are required in the `dependabot.yml` file?" +archetype: "questions" +title: "Question 043" +draft: false +--- + +> https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#about-the-dependabotyml-file +1. [x] `version` and `updates` +2. [ ] `version` and `package-ecosystem` +3. [ ] `assignees` and `directory` +4. [ ] `updates` and `directory` diff --git a/content/questions/advanced_security/question-044.md b/content/questions/advanced_security/question-044.md new file mode 100644 index 00000000..61a57a19 --- /dev/null +++ b/content/questions/advanced_security/question-044.md 
@@ -0,0 +1,12 @@ +--- +question: "Which GitHub Actions can be used to upload a third-party SARIF file?" +archetype: "questions" +title: "Question 044" +draft: false +--- + +> https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github#uploading-a-code-scanning-analysis-with-github-actions +1. [x] `upload-sarif` +2. [ ] `codeql-upload-sarif` +2. [ ] `github/codeql-action` +3. [ ] `actions/upload-sarif` diff --git a/content/questions/advanced_security/question-045.md b/content/questions/advanced_security/question-045.md new file mode 100644 index 00000000..8c5b1bda --- /dev/null +++ b/content/questions/advanced_security/question-045.md @@ -0,0 +1,12 @@ +--- +question: "Which of the following tools can be used for code analysis in a third-party CI system to upload results to GitHub?" +archetype: "questions" +title: "Question 045" +draft: false +--- + +> https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system#about-using-code-scanning-with-your-existing-ci-system +1. [x] CodeQL CLI +2. [ ] CodeQL API +2. [ ] GitHub Actions `github/codeql-action` +3. [ ] GitHub CLI diff --git a/content/questions/advanced_security/question-046.md b/content/questions/advanced_security/question-046.md new file mode 100644 index 00000000..ea7d0054 --- /dev/null +++ b/content/questions/advanced_security/question-046.md 
@@ -0,0 +1,12 @@ +--- +question: "What is required for a CI server to upload results to GitHub?" +archetype: "questions" +title: "Question 046" +draft: false +--- + +> https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system#generating-a-token-for-authentication-with-github +1. [x] A GitHub App or personal access token with `security_events` write permission. +2. [ ] A direct connection to the GitHub Advisory Database. +2. [ ] Administrator access to the GitHub repository. +3. [ ] A special plugin installed in the CI system. diff --git a/content/questions/advanced_security/question-047.md b/content/questions/advanced_security/question-047.md new file mode 100644 index 00000000..8a8523be --- /dev/null +++ b/content/questions/advanced_security/question-047.md @@ -0,0 +1,12 @@ +--- +question: "In the context of uploading SARIF results to GitHub, what happens when a second SARIF results file is uploaded for a commit?" +archetype: "questions" +title: "Question 047" +draft: false +--- + +> https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system#generating-a-token-for-authentication-with-github +1. [x] It replaces the original set of data. +2. [ ] It appends the results to the existing file. +2. [ ] It creates a new branch in the repository +3. [ ] It is ignored by GitHub.
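Review bot: In `question-042.md` every option is numbered `1.` while the other five files in this patch number their options `1.` to `4.`; a style point, but pick one convention for the whole question set. The front-matter key order (`archetype`, `title`, `question`) also differs from the other files, which put `question` first; reordering to `question`, `archetype`, `title`, `draft` keeps the files uniform and easier to diff later.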
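Review bot: The option numbering in `question-044.md` runs `1.`, `2.`, `2.`, `3.` (two items numbered `2.`); renumber to `1.` through `4.`. The answer key is also arguable as written: the correct option is the bare name `upload-sarif`, while the distractor `github/codeql-action` is the repository that hosts that very action (it is invoked as `github/codeql-action/upload-sarif`), so a reader who knows the action could defend either option. Suggest writing the correct option as the full `github/codeql-action/upload-sarif` reference and replacing the `github/codeql-action` distractor with one that does not overlap.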
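Review bot: `question-045.md` has the same numbering slip, `1.`, `2.`, `2.`, `3.`; renumber the options `1.` through `4.` so the list renders as four distinct choices.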
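Review bot: `question-046.md` also numbers its options `1.`, `2.`, `2.`, `3.`; renumber to `1.` through `4.`. Otherwise the answer matches the referenced section (a GitHub App or personal access token with the `security_events` write permission).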
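Review bot: In `question-047.md` the reference link reuses the `#generating-a-token-for-authentication-with-github` anchor from `question-046.md`, which points at the token section rather than the part of the page that describes what happens when a second SARIF file is uploaded for a commit; update the anchor to the section the question is actually drawn from. Same numbering slip as the previous files (`1.`, `2.`, `2.`, `3.`), and option `It creates a new branch in the repository` is missing its trailing period while the other three options have one.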