-
Notifications
You must be signed in to change notification settings - Fork 173
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Co-authored-by: Aleksander Fidelus <[email protected]>
- Loading branch information
1 parent
bb396f0
commit 20539a3
Showing
9 changed files
with
108 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| --- | ||
| archetype: "questions" | ||
| title: "Question 042" | ||
| question: "Which of these statements isn't true about secret scanning on GitHub?" | ||
| draft: false | ||
| --- | ||
|
|
||
| > https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning | ||
| 1. [x] Secret scanning is a tool for secure secret storage and management. | ||
| 1. [ ] Secret scanning will scan your entire Git history on all branches present in your GitHub repository for secrets. | ||
| 1. [ ] Secret scanning will scan titles, descriptions, and comments, in open and closed historical issues for secrets. | ||
| 1. [ ] Secret scanning can prevent supported secrets from being pushed into your enterprise, organization, or repository. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| --- | ||
| question: "Which top-level keys are required in the `dependabot.yml` file?" | ||
| archetype: "questions" | ||
| title: "Question 043" | ||
| draft: false | ||
| --- | ||
|
|
||
| > https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#about-the-dependabotyml-file | ||
| 1. [x] `version` and `updates` | ||
| 1. [ ] `version` and `package-ecosystem` | ||
| 1. [ ] `assignees` and `directory` | ||
| 1. [ ] `updates` and `directory` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| --- | ||
| question: "Which GitHub Action can be used to upload a third-party SARIF file?" | ||
| archetype: "questions" | ||
| title: "Question 044" | ||
| draft: false | ||
| --- | ||
|
|
||
| > https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github#uploading-a-code-scanning-analysis-with-github-actions | ||
| 1. [x] `github/codeql-action/upload-sarif` | ||
| 1. [ ] `codeql-upload-sarif` | ||
| 1. [ ] `github/codeql-action` | ||
| 1. [ ] `actions/upload-sarif` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| --- | ||
| question: "Which tool can be used in a third-party CI system to upload code analysis results to GitHub?" | ||
| archetype: "questions" | ||
| title: "Question 045" | ||
| draft: false | ||
| --- | ||
|
|
||
| > https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system#about-using-code-scanning-with-your-existing-ci-system | ||
| 1. [x] CodeQL CLI | ||
| 1. [ ] CodeQL API | ||
| 1. [ ] GitHub Actions `github/codeql-action` | ||
| 1. [ ] GitHub CLI |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| --- | ||
| question: "What is required for a CI server to upload SARIF results to GitHub?" | ||
| archetype: "questions" | ||
| title: "Question 046" | ||
| draft: false | ||
| --- | ||
|
|
||
| > https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system#generating-a-token-for-authentication-with-github | ||
| 1. [x] A GitHub App or personal access token with `security_events` write permission. | ||
| 1. [ ] A direct connection to the GitHub Advisory Database. | ||
| 1. [ ] Administrator access to the GitHub repository. | ||
| 1. [ ] A special plugin installed in the CI system. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| --- | ||
| question: "In the context of uploading SARIF results to GitHub, what happens when a second SARIF results file is uploaded for a single commit?" | ||
| archetype: "questions" | ||
| title: "Question 047" | ||
| draft: false | ||
| --- | ||
|
|
||
| > https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/using-code-scanning-with-your-existing-ci-system#uploading-your-results-to-github | ||
| 1. [x] It replaces the original set of data. | ||
| 1. [ ] It appends the results to the existing file. | ||
| 1. [ ] It creates a new branch in the repository | ||
| 1. [ ] It is ignored by GitHub. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| --- | ||
| question: "How can users exclude specific directories from secret scanning alerts on GitHub?" | ||
| archetype: "questions" | ||
| title: "Question 048" | ||
| draft: false | ||
| --- | ||
|
|
||
| > https://docs.github.com/en/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories#excluding-directories-from-secret-scanning-alerts-for-users | ||
| 1. [x] By configuring a `secret_scanning.yml` file, under the `.github` path in the repository. | ||
| 1. [ ] Through the repository's `Security` tab, in the `Secret scanning` menu. | ||
| 1. [ ] Through the repository's `Settings` tab, in the `Code security and analysis` menu. | ||
| 1. [ ] By editing the repository's `README.md` file. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| --- | ||
| question: "Which key should be used in a `secret_scanning.yml` file to exclude directories from secret scanning alerts in GitHub?" | ||
| archetype: "questions" | ||
| title: "Question 049" | ||
| draft: false | ||
| --- | ||
|
|
||
| > https://docs.github.com/en/code-security/secret-scanning/configuring-secret-scanning-for-your-repositories#excluding-directories-from-secret-scanning-alerts-for-users | ||
| 1. [x] `paths-ignore:` | ||
| 1. [ ] `paths-exclude:` | ||
| 1. [ ] `ignore-directories` | ||
| 1. [ ] `exclude-paths:` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,12 @@ | ||
| --- | ||
| question: "What is the maximum number of custom patterns that can be defined for secret scanning on GitHub?" | ||
| archetype: "questions" | ||
| title: "Question 050" | ||
| draft: false | ||
| --- | ||
|
|
||
| > https://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/defining-custom-patterns-for-secret-scanning#about-custom-patterns-for-secret-scanning | ||
| 1. [x] 500 for organizations/enterprises and 100 for repositories. | ||
| 1. [ ] 100 for organizations/enterprises and 500 for repositories. | ||
| 1. [ ] 100 for organizations, enterprises and repositories. | ||
| 1. [ ] There's no limit to the number of custom patterns you can define for secret scanning in GitHub. |