|
64 | 64 | - content: "Encrypted secrets are encrypted environment variables you can create to store sensitive information." |
65 | 65 | isCorrect: true |
66 | 66 | explanation: "Correct. Once created, encrypted secrets become available for use in your workflows and actions at the level at which they were created (organization or repository)." |
| 67 | + |
| 68 | + - content: What is a key benefit of using **reusable workflows** in GitHub Actions? |
| 69 | + choices: |
| 70 | + - content: Prevents any external contributors from running workflows |
| 71 | + isCorrect: false |
| 72 | + explanation: Reusable workflows improve standardization, but they do not automatically block external contributors. Security settings must be configured separately. |
| 73 | + - content: Reduces redundancy and maintenance overhead |
| 74 | + isCorrect: true |
| 75 | + explanation: Reusable workflows help avoid repetitive configuration across multiple repositories, reducing maintenance effort. |
| 76 | + - content: Can only be used in the same repository where they are defined |
| 77 | + isCorrect: false |
| 78 | + explanation: Reusable workflows can be referenced from a different repository, allowing broader reuse. |
| 79 | + - content: Automatically restricts all workflows to internal users |
| 80 | + isCorrect: false |
| 81 | + explanation: GitHub does not enforce internal-only workflow execution unless explicitly configured. |
| 82 | + |
| 83 | + - content: What is a primary benefit of using **GitHub-hosted runners** instead of self-hosted runners? |
| 84 | + choices: |
| 85 | + - content: Full control over hardware and software configuration |
| 86 | + isCorrect: false |
| 87 | + explanation: Full control is a feature of self-hosted runners. |
| 88 | + - content: Ability to access internal/private networks |
| 89 | + isCorrect: false |
| 90 | + explanation: GitHub-hosted runners do not have direct access to internal networks. |
| 91 | + - content: Automatic updates for the OS and preinstalled packages |
| 92 | + isCorrect: true |
| 93 | + explanation: GitHub-hosted runners are automatically updated by GitHub, including OS patches and preinstalled tools. |
| 94 | + - content: Custom installation of non-standard software |
| 95 | + isCorrect: false |
| 96 | + explanation: Custom installation is supported with self-hosted runners, not GitHub-hosted ones. |
| 97 | + |
| 98 | + - content: What is the best practice when managing **encrypted secrets** in GitHub Actions? |
| 99 | + choices: |
| 100 | + - content: Print secrets in workflow logs to assist with debugging |
| 101 | + isCorrect: false |
| 102 | + explanation: Secrets should never be exposed in logs. |
| 103 | + - content: Use the same secret across all repositories for consistency |
| 104 | + isCorrect: false |
| 105 | + explanation: Sharing the same secret increases security risk and violates the principle of least privilege. |
| 106 | + - content: Limit access by defining secrets at the lowest necessary level |
| 107 | + isCorrect: true |
| 108 | + explanation: Scoping secrets appropriately minimizes exposure and enhances security. |
| 109 | + - content: Store secrets in the GitHub Actions log archive |
| 110 | + isCorrect: false |
| 111 | + explanation: Storing secrets in logs is unsafe and not a recommended practice. |
| 112 | + |
0 commit comments