How do you enable and configure Code Scanning in a GitHub repository?

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

How do you enable and configure Code Scanning in a GitHub repository?

Explanation:
Code Scanning is enabled by using the UI button for Code Scanning and choosing which languages to scan. This approach configures the built-in CodeQL analysis to run on pushes and on pull requests, and it outputs results in SARIF format that GitHub uses to surface alerts in the Security tab. It’s the easiest and most integrated way to turn on scanning quickly, because GitHub handles the workflow setup behind the scenes and wires the scanners to the chosen languages. While you can also set up a CodeQL workflow manually or enable scanning via the Security settings, starting from the UI button gives you a ready-to-run configuration with the correct triggers and SARIF output right away.

