Free Microsoft GH-100 Actual Exam Questions - Question 9 Discussion

Deleting the repo (D) sounds like an easy fix, but it doesn’t stop someone who already forked or cloned it from accessing the sensitive data. The exposed credentials could still be out there, so revoking them immediately (A) is crucial to prevent any further damage. After that, cleaning up the history with a force push or using tools to scrub the data would be next steps, but they’re secondary to blocking any potential misuse.

It’s A for me. Even if you remove the data from the repo later, those credentials or keys might already be compromised. Revoking them immediately stops anyone from using the leaked info, which is the biggest risk right away. You can’t rely on deleting or rewriting history to protect you if someone’s already grabbed the data. Better safe than sorry—cut off access first, then clean up after.

Before doing anything else, shouldn’t you consider removing the data from the repo history to prevent further exposure? That makes me question if B should come before A in this scenario.

I think A makes the most sense since you need to stop any risk from exposed credentials ASAP. Removing or deleting stuff comes after.