検証済みのGH-100試験問題集PDF [2026年最新] 成功の秘訣はここにある [Q15-Q39]

Share

検証済みのGH-100試験問題集PDF [2026年最新] 成功の秘訣はここにある

ベストを体験せよ!GH-100試験問題トレーニングを提供していますFast2test

質問 # 15
A GitHub Enterprise administrator is planning to implement SAML SSO across their company. Which of the following correctly distinguishes enterprise-wide SAML SSO from organization-level SAML SSO?

  • A. Enterprise-wide SAML SSO allows different organizations to use different authentication methods.
  • B. Enterprise-wide SAML SSO immediately removes users who fail to authenticate via the IdP.
  • C. Enterprise-wide SAML SSO requires less initial administrative overhead than organization-level implementation.
  • D. Enterprise-wide SAML SSO ensures users authenticate through the same IdP across all organizations.

正解:D

解説:
Enterprise-wide SAML SSO enforces a single IdP across all member organizations-its configuration overrides any per-organization SAML settings, so everyone must authenticate through the same provider.


質問 # 16
Which of the following is true about outside collaborators in a GitHub organization?

  • A. They are granted explicit access to specific repositories.
  • B. They have access to all private repositories by default.
  • C. They appear in the organization's internal member list.
  • D. They inherit organization-wide policies, such as SSO requirements.

正解:A

解説:
Outside collaborators aren't organization members; instead, they're granted explicit access - at read, write, or admin level - to only the repositories you choose.


質問 # 17
How does GitHub support compliance requirements for enterprises?

  • A. GitHub disables all external collaboration features.
  • B. GitHub only allows those with repository owner (admin) permissions to write changes to repositories.
  • C. GitHub provides configurable controls such as an audit log, SAML authentication, and enterprise rulesets.
  • D. GitHub automatically encrypts user passwords in plaintext for quick access.

正解:C

解説:
GitHub Enterprise gives you a suite of configurable controls - like a comprehensive audit log, enforced SAML single sign-on, and enterprise-level rulesets - that you can tailor and enforce to meet your organization's compliance mandates.


質問 # 18
When comparing Group SCIM to Team Sync for identity management in GitHub Enterprise, which statement is Correct?

  • A. Team Sync provides more automated user deprovisioning than Group SCIM.
  • B. Team Sync supports more identity providers than Group SCIM.
  • C. Group SCIM requires less initial configuration than Team Sync.
  • D. Group SCIM enables centralized user and group management through the IdP.

正解:D

解説:
GroupSCIM lets you manage both user accounts and group memberships centrally in your identity provider - automatically provisioning, updating, and deprovisioning users and groups in GitHub - whereas TeamSync only mirrors IdP group membership into existing GitHub teams.


質問 # 19
How does GitHub handle secrets found via secret scanning in a public repository?

  • A. It immediately blocks the commit to protect the secret.
  • B. It deletes the secret from the repository automatically.
  • C. It notifies the admin via webhook.
  • D. It alerts the service provider (e.g., AWS, Stripe).

正解:D

解説:
When secret scanning detects a supported credential in a public repository, GitHub notifies the issuing service provider so they can revoke or rotate the exposed secret.


質問 # 20
What makes GitHub Apps a more secure choice for automation over OAuth Apps?

  • A. GitHub Apps can only be installed by organization owners.
  • B. GitHub Apps are limited to read-only access and cannot write to repositories.
  • C. GitHub Apps authenticate as an app with fine-grained permissions, not as a user.
  • D. GitHub Apps always require two-factor authentication.

正解:C

解説:
GitHub Apps authenticate as themselves with fine-grained, installation-scoped permissions and short-lived tokens - rather than inheriting a user's broad OAuth scopes - minimizing blast radius and aligning with least-privilege principles.


質問 # 21
What distinguishes Enterprise Managed Users (EMUs) from standard GitHub accounts?

  • A. EMUs are only available for GitHub Enterprise Server
  • B. EMUs are managed in GitHub and use GitHub authentication
  • C. EMUs are fully controlled by an IdP and cannot log in with personal credentials
  • D. EMUs can only be created using email invites

正解:C

解説:
EMU accounts are provisioned and authenticated exclusively through your identity provider - users sign in via the IdP and cannot use or manage GitHub-native credentials.


質問 # 22
In a GitHub repository using Dependabot, which of the following best describes the purpose of the .github/dependabot.yml file?

  • A. It configures scheduling, package ecosystems, and target directories for update checks.
  • B. It lists commit SHAs to exclude from automatic pull requests.
  • C. It encrypts dependency versions before storing them in the repo.
  • D. It enables GitHub to scan for secrets in dependency files.

正解:A

解説:
The .github/dependabot.yml file defines Dependabot's package-ecosystem, the directories to inspect, and the update schedule (daily/weekly/monthly), controlling when and where Dependabot checks for new versions.


質問 # 23
You are managing a repository in your organization's GitHub account. A team member asks you to confirm who has access to the repository and their permission levels. Which tool should you use to review and manage repository access?

  • A. Repository Settings > Manage Access.
  • B. Branch Protection Rules.
  • C. GitHub Actions Logs.
  • D. GitHub Pages Settings.

正解:A

解説:
Use theRepositorySettingsManageAccess page to view all users and teams with access and their assigned permission levels.


質問 # 24
Which factor affects GitHub Actions pricing for GitHub-hosted runners on GitHub Enterprise Cloud?

  • A. Number of workflows defined in .github/workflows/
  • B. Total number of repositories using Actions
  • C. Number of contributors to the repository Explanation:Incorrect. Contributor count does not impact billing for Actions
  • D. Operating system used in the runner environment

正解:D

解説:
GitHub Actions billing for GitHub-hosted runners is based on the number of minutes consumed and the operating system of the runner - Linux, Windows, and macOS each have different per-minute rates.


質問 # 25
Our organization is updating its enterprise policies. Which of the following steps should you take to ensure alignment with security requirements?

  • A. Regularly assess and adjust policies based on evolving risks.
  • B. Maintain clear documentation of existing policies and policy changes.
  • C. Implement changes without consulting stakeholders.
  • D. Implement the new enterprise policies across the organization first and then consult with the security team to identify- any necessary adjustments or retrofits

正解:B、D


質問 # 26
Which of the following is the responsibility of an Organization Owner in GitHub? (Choose three.)

  • A. Create repositories without approval from other members.
  • B. View and manage organization billing information.
  • C. Access repositories only if explicitly granted by a team maintainer.
  • D. Manage organization settings, such as configuration and default permissions.

正解:A、B、D

解説:
Organization owners can view and edit billing information for the organization.
Organization owners may create new repositories in the organization without needing approval from other members.
Organization owners have full administrative control over organization settings, including configuring default repository permissions.


質問 # 27
How does metered billing work in GitHub Enterprise Cloud with Enterprise Managed Users (EMU)?

  • A. Billing is based on the number of users created in Azure AD
  • B. Billing is based on total users in the enterprise that are not dormant
  • C. Billing is based on owners and members of GitHub organizations
  • D. Billing is based on number of total users in the enterprise

正解:D

解説:
Billing for GitHub Enterprise Cloud under metered (usage-based) billing is calculated by the total number of Enterprise Managed Users (and other license-consuming accounts) in your enterprise - each EMU consumes a seat and contributes to the monthly bill.


質問 # 28
Which of the following are valid ways to pass data to a reusable workflow in a separate repository?

  • A. Define the secrets in the reusable workflow's repository and reference the secret using the 'secrets' context.
  • B. Define inputs in the reusable workflow and pass values from the calling workflow.
  • C. Define the secrets in the caller repository and call the reusable workflow using the 'secrets' keyword.
  • D. Use environment variables to pass data directly to the reusable workflow.

正解:B、C

解説:
You declare namedinputs in the reusable workflow's on.workflow_call block and then pass values from the caller using thewithkeyword, allowing the called workflow to consume those parameters.
You define required secrets in the caller repository and supply them to the reusable workflow via thesecretskeyword in the workflow-call step, ensuring sensitive values are securely passed.


質問 # 29
Which of the following accurately contrasts a GitHub App and a GitHub Action?

  • A. GitHub Apps can only be used inside .github/workflows
  • B. GitHub Actions are limited to reading repository content only
  • C. GitHub Apps run only on GitHub-provided virtual machines, while GitHub Actions run only on customer-hosted machines
  • D. GitHub Actions can only be used to respond to events within a single repository while GitHub Apps can respond to events from multiple repositories

正解:D

解説:
GitHub Actions workflows are defined and triggered within a single repository's context, whereas GitHub Apps are installed at the organization or user level and can subscribe to events across multiple repositories.


質問 # 30
What will happen if Dependabot discovers a vulnerable transitive dependency in a repository?

  • A. It automatically removes the package from the repository.
  • B. It sends an email to the repository owner but does not alter code.
  • C. It opens a pull request to update the affected package directly, regardless of version compatibility.
  • D. It creates a pull request to update the direct dependency to a version that resolves the vulnerability.

正解:D

解説:
Dependabot will automatically open a pull request that updates the direct dependency to a version which, in turn, resolves (or removes) the vulnerable transitive dependency-ensuring the fix is applied via your declared dependencies.


質問 # 31
An organization wants to share a single API key required for their Actions workflows. They need to restrict its use to only a subset of repositories. Where should they configure the secrets to minimize maintenance?

  • A. Environment secrets
  • B. Repository secrets
  • C. Development environment secrets
  • D. Organization secrets

正解:D

解説:
By defining the API key as an organization secret, you centralize management and can grant access only to the subset of repositories you choose - eliminating per-repo duplication while enforcing the desired scope.


質問 # 32
Why would someone choose to configure a security policy?

  • A. To define which open source packages are permitted for use as part of that repository.
  • B. To communicate corporate security and compliance policies for end users on a private repository.
  • C. To provide information on an open source repository for open source collaborators and researchers that may need to report and disclose sensitive security findings to maintainers securely.
  • D. To prevent anyone from pushing to the repository without approval.

正解:C

解説:
A security policy (the SECURITY.md file) lets maintainers of an open source repository provide clear, private instructions for collaborators and external researchers on how to report and disclose security vulnerabilities responsibly.


質問 # 33
Which of the following correctly describes the difference between controlling actions at the enterprise level versus the organization level in GitHub?

  • A. Enterprise policies configure mandatory settings for organizations.
  • B. Enterprise policies can block specific actions, while organization policies can only enable or disable actions entirely.
  • C. Enterprise policies and organization policies are independent, with organization policies taking precedence for repositories within the organization.
  • D. Enterprise policies apply only to public repositories, while organization policies apply to public, internal, and private repositories.

正解:A

解説:
Enterprise policies let you define and enforce mandatory settings across all member organizations - organization-level policies then operate within the options that the enterprise policy exposes.


質問 # 34
Which of the following is a benefit of creating a new GitHub organization?

  • A. Clear separation of reggs, projects, teams, billing, and organization-specific policies.
  • B. Automatic inheritance of policies from other organizations.
  • C. Reduced administrative overhead.
  • D. Simplified collaboration across all organizations.

正解:A

解説:
Creating a new organization gives you a dedicated container for your shared work, letting you isolate repositories, projects, teams, billing settings, and policy configurations on an organization-by-organization basis.


質問 # 35
What is the potential consequence of enabling multiple rulesets that apply to the same branch in a repository?

  • A. Only the most recently created ruleset will be enforced
  • B. Only organization-level rulesets are enforced over repository-level ones
  • C. All applicable rulesets will be evaluated, and their combined rules enforced
  • D. Rulesets will override each other, leading to unpredictable behavior

正解:C

解説:
If you enable multiple rulesets that target the same branch, GitHub will evaluateevery matching ruleset and enforce the aggregate of their rules - so all constraints from all applicable rulesets apply.


質問 # 36
Which feature is unique to self-hosted runners?

  • A. Dynamic scaling
  • B. Automatic updates to the operating system
  • C. Execute scripts before and after a job
  • D. GPU support

正解:C

解説:
Self-hosted runners support custom pre- and post-job scripts via runner hooks, letting you run arbitrary scripts before a job starts and after it finishes - capabilities not available on GitHub-hosted runners.


質問 # 37
Which of the following GitHub token types supports fine-grained repository permissions AND is recommended for CI/CD automation?

  • A. Device Tokens
  • B. GitHub App Installation Access Tokens
  • C. OAuth tokens
  • D. Personal Access Tokens (PATs)

正解:B

解説:
GitHub App Installation Access Tokens are privileged to the exact permissions you grant the App - down to individual repositories - and rotate automatically, making them the recommended choice for CI/CD automation workflows that demand least-privilege, fine-grained access.


質問 # 38
A financial services company is evaluating GitHub account types. Which of the following is a key distinction between GitHub Enterprise Managed Users and Personal Accounts?

  • A. Personal Accounts are owned by users and can be used for both personal and professional work.
  • B. Personal Accounts provide stricter control over repositories and user activity.
  • C. Enterprise Managed Users require the organization to manage their own authentication server.
  • D. Enterprise Managed Users can collaborate across both personal and enterprise repositories.

正解:A

解説:
Personal Accounts are owned and controlled by individual users and can serve both their personal projects and professional work, whereas Enterprise Managed Users exist solely within the enterprise context and cannot be used for personal repositories.


質問 # 39
......

最新の100%合格保証付きの素晴らしいGH-100試験問題PDF:https://jp.fast2test.com/GH-100-premium-file.html

練習サンプルと問題集と秘訣には2026年最新のGH-100有効なテスト問題集:https://drive.google.com/open?id=1WpT-mlOrpXimxGWJSpqQxCutKs-mf7w-


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어