Free GH-100 Exam Dumps

Question 11

When a token is used to perform actions across different GitHub resources, how is this reflected in audit logs?

A. Each API action made with the token generates a separate audit log entry
B. Only the first repository accessed is recorded
C. GitHub creates a ZIP archive of all token activity
D. The audit log stores only the token name and not its actions

Correct Answer:A
Each API call authenticated with a token generates its own audit-log event, so you'll see a distinct entry for every action performed across different resources, each annotated with the token's hashed ID, actor, and source IP.

Question 12

Which of the following accurately contrasts a GitHub App and a GitHub Action?

A. GitHub Apps can only be used inside .github/workflows
B. GitHub Actions are limited to reading repository content only
C. GitHub Apps run only on GitHub-provided virtual machines, while GitHub Actions run only on customer-hosted machines
D. GitHub Actions can only be used to respond to events within a single repository while GitHub Apps can respond to events from multiple repositories

Correct Answer:D
GitHub Actions workflows are defined and triggered within a single repository??s context, whereas GitHub Apps are installed at the organization or user level and can subscribe to events across multiple repositories.

Question 13

You are planning GitHub account management for a healthcare organization with strict compliance requirements. Which THREE of the following statements accurately describe GitHub Enterprise Managed Users (EMU) accounts? (Choose three.)

A. EMU accounts can be used for both personal and enterprise repositories.
B. EMU accounts are managed through an identity provider such as Azure AD.
C. EMU accountsallow users to create and manage their own credentials.
D. EMU accounts restrict users to enterprise-related activities only
E. EMU accounts are created and managed by individual users.
F. EMU accounts are owned by the organization and cannot be unlinked.

Correct Answer:BDF
Enterprise Managed User accounts are provisioned and authenticated exclusively through your identity provider (for example, Azure AD), so the IdP handles their creation, attribute updates, and deprovisioning.
Managed user accounts cannot create public content or interact with repositories outside your enterprise; they're confined to private and internal repos within the enterprise.
EMU accounts are owned and controlled by the enterprise (via the IdP) and cannot be converted into or unlinked as personal accounts outside that enterprise.

Question 14

Which of the following are valid ways to pass data to a reusable workflow in a separate repository?

A. Use environment variables to pass data directly to the reusable workflow.
B. Define inputs in the reusable workflow and pass values from the calling workflow.
C. Define the secrets in the caller repository and call the reusable workflow using the ??secrets?? keyword.
D. Define the secrets in the reusable workflow's repository and reference the secret using the ??secrets?? context.

Correct Answer:BC
You declare named inputs in the reusable workflow??s on.workflow_call block and then pass values from the caller using the with keyword, allowing the called workflow to consume those parameters.
You define required secrets in the caller repository and supply them to the reusable workflow via the secrets keyword in the workflow-call step, ensuring sensitive values are securely passed.

Question 15

When a user becomes a member of multiple GitHub organizations, which THREE of the following are important considerations for administrators? (Choose three.)

A. The user will automatically have the same role across all organizations.
B. The user's repository access and/or team membership needs to be managed separately for each organization.
C. The user will need to authorize credentials separately for each SAML-enabled organization.
D. The user will have different permission levels in each organization.
E. The user's profile information becomes private to non-organization members.
F. The user's personal repositories will become accessible to all organizations.

Correct Answer:BCD
A user's repository access and team memberships are scoped to each organization, so admins must configure permissions separately per org.
When an organization enforces SAML SSO, each member must authorize their personal access tokens or SSH keys for that org, requiring separate approval for each SAML?enabled organization
Roles and permission levels (owner, member, billing manager, repository roles, etc.) are assigned on a per?organization basis, so a user often has different permissions in different organizations.