How can you differentiate Code Scanning alerts from Secret Scanning alerts in the UI?

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

How can you differentiate Code Scanning alerts from Secret Scanning alerts in the UI?

Explanation:
Code scanning and secret scanning come from different scanning processes and are surfaced in separate parts of the Security UI. Code scanning alerts come from CodeQL analysis runs, while secret scanning alerts come from detecting secrets in code or in history. Because they originate from distinct checks, GitHub places them in different sections under Security—code scanning alerts in the Code scanning area and secret scanning alerts in the Secrets/Secret scanning area. This separation helps you triage by type and know which tool flagged the issue. The other options imply they share the same section, or that secret alerts never appear, which isn’t accurate.

