Free Microsoft GH-100 Actual Exam Questions - Question 3 Discussion
solution. (Choose three.)
It’s D for sure, since GitHub Apps have specific permissions that need tracking. Also A makes sense because any permission changes impact security directly. B is a solid pick because promoting users to admins is a critical event to log and expose via API. Pushing to repos (C) and cloning (E) are more day-to-day actions, so they wouldn’t be in the audit log events exposed by GraphQL. This is less about normal activity and more about admin and security-level events that matter for auditing purposes.
A, B, D. I agree that pushes and cloning are regular activities, not really audit-level events for security. Changes in permissions (A), promoting users to admins (B), and GitHub App permission changes (D) are all major security-related actions that an audit log would track through the API. These seem like the logical choices for what the GraphQL API would expose for audits.
It’s definitely not C or E since those are normal usage events, not security-related. A, B, and D make the most sense because they track critical permission and admin changes.
Makes sense to exclude C and E since pushes and cloning are more about activity than audit security events. I’d go with A, B, and D too.
D imo, since GitHub Apps have distinct permissions, their changes should definitely be in the audit log. A and B also fit well, as they’re about security and admin actions, unlike C and E which seem more routine.
I think A, B, and D fit best here. The audit logs generally track things that impact access control, like permission changes or admin role updates. Pushing code or cloning repos (C and E) are more about day-to-day repo usage, which tends not to be part of these specific audit logs exposed through GraphQL. So those three seem like the safest bet.
Maybe A, B, and D as well. Cloning and pushes are more about repository activity, but audit logs usually focus on security-related changes like permissions and admin roles.
This one feels like A, B, and D to me. They all deal with permission or admin changes which usually get logged clearly. Cloning (E) and pushes (C) seem less likely to be logged in GraphQL audit events.