This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Which GitHub Advanced Security feature isn't available on public repositories?
Secret scanning.
Security Overview.
Code scanning.
Where can you enable GitHub Advanced Security for all the private and internal repositories in an organization?
The setting is in the Site admin page of your enterprise account.
The setting is in the organization's Security tab.
The setting is in the organization's Code and security settings.
What can you do to ensure that everyone in your organization is using GitHub Advanced Security?
Give access to security alerts to users and teams with write permission on their repositories.
Add a SECURITY.md file to the root, docs, or .github folder of your organization's repositories.
root
docs
.github
Set a security policy at the organization level.
What should you keep in mind when using GitHub Actions for your security workflows?
You should select the Send write tokens to workflows from pull requests option in the GitHub Actions settings.
You should make sure to use the Code Scanning API endpoints.
You should correctly set up the permissions for the GITHUB_TOKEN used to make authenticated API calls.
You must answer all questions before checking your work.
Was this page helpful?