Explain how to interpret a Code Scanning alert's 'Severity' and 'Confidence' fields.

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

Explain how to interpret a Code Scanning alert's 'Severity' and 'Confidence' fields.

Explanation:
Severity reflects the potential impact or risk if the finding were exploited, helping you prioritize which issues pose the biggest threat. Confidence shows how certain the scanner is that the finding is real—the likelihood that it’s a true vulnerability rather than a false positive. Together, they guide triage: a high-severity alert with high confidence demands prompt attention; a high-severity alert with lower confidence may need human verification before acting; lower-severity issues can be scheduled with lower urgency. The other options describe metrics unrelated to how Code Scanning presents risk and certainty.