Free Microsoft GH-500 Actual Exam Questions - Question 11 Discussion
What is the first step you should take to fix an alert in secret scanning?
Adeel A. imo, archiving the repo (A) is way too drastic as a first step. You want to fix the secret issue, not just lock everything down immediately. Better to focus on removing or revoking the secret first.
B tbh, updating dependencies is a quick way to fix if the secret comes from outdated or vulnerable libraries. Removing secrets is key, but sometimes the root cause is an old dependency.
D, because you need to remove the secret first before revoking or other steps.
Makes sense to go with D since removing the secret from the main branch is crucial to stop further exposure. Another angle is that revoking the alert only works if the secret is still valid, but if it’s exposed, you gotta remove it first. So starting with removing the secret (D) seems like the only logical first step before anything else.
Why would you archive the repo before fixing the secret? Does the question assume the secret is already exposed in the main branch or somewhere else first?