Which feature allows defining custom patterns for secrets beyond the built-in set?

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

Which feature allows defining custom patterns for secrets beyond the built-in set?

Explanation:
Custom patterns in secret scanning let you add your own regular expressions to detect secrets that aren’t covered by the built-in rules. This is essential when your organization uses proprietary tokens or nonstandard formats, because you can tailor detection to those specific patterns. Once you define a pattern, the scanner flags any code or commits that match it, helping prevent leakage of those secrets. That’s why this option is the best fit: it directly enables extending detection beyond the built-in set. The other options describe different security features—Push Protection for Secrets blocks secrets at push time but doesn’t introduce new detection patterns, CVE deals with vulnerability advisories, and Phase 0 isn’t related to secret pattern definitions.

Custom patterns in secret scanning let you add your own regular expressions to detect secrets that aren’t covered by the built-in rules. This is essential when your organization uses proprietary tokens or nonstandard formats, because you can tailor detection to those specific patterns. Once you define a pattern, the scanner flags any code or commits that match it, helping prevent leakage of those secrets. That’s why this option is the best fit: it directly enables extending detection beyond the built-in set. The other options describe different security features—Push Protection for Secrets blocks secrets at push time but doesn’t introduce new detection patterns, CVE deals with vulnerability advisories, and Phase 0 isn’t related to secret pattern definitions.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy