Free Microsoft GH-500 Actual Exam Questions - Question 1 Discussion

C. Secret scanning is specifically designed for GitHub repositories, not external services or CI systems. It scans commits and pushes to those repos to catch secrets before they get exposed. Public repos have it enabled by default, but private repos might need you to turn it on manually. So it doesn’t cover just any Git repo anywhere, only the ones hosted on GitHub. That rules out B and D pretty clearly.

Makes sense to exclude A since CI systems aren’t the main target here. Secret scanning is more about the repo content itself, so C fits best.

C/D? I’m sticking with C since secret scanning is built into GitHub repos themselves, not external tools or services. D sounds off because it’s not about outside platforms.

B/C? Secret scanning can’t be for any Git repo since it’s a GitHub feature, so B’s too broad. C fits better as it’s focused on GitHub repos specifically, not external services or CI.

It’s C because secret scanning is specifically tied to GitHub repositories, not random external services or CI systems. It scans code in GitHub repos to detect leaked secrets.

Pretty sure it’s C. Secret scanning is built into GitHub repos to catch exposed secrets.