Exam: GH-100

Exam Design

Audience Profile
This exam is designed for system administrators, software developers, application administrators, and IT professionals with intermediate-level experience in GitHub Enterprise Administration.

Skills Measured
NOTE: The bullets that follow each of the skills measured are intended to illustrate how we are assessing that skill. Related topics may be covered in the exam.

NOTE: Most questions cover features that are general availability (GA). The exam may contain questions on Preview features if those features are commonly used.

Domain 1: Support GitHub Enterprise for users and key stakeholders (15%)
Support GitHub Enterprise for users and key stakeholders
Distinguish problems that can be solved by an administrator from those that need GitHub Support
Describe how to generate support bundles and diagnostics
Describe how GitHub’s products and services are used within the enterprise to identify underutilized features, integrations in use, most active teams, and repositories
Recommend standards for developer workflows, including code collaboration (fork-and-pull versus branching), branching, branch protection rules, code owners, the code review process, automation, and release strategy
Explain the tooling ecosystem at the enterprise
Explain the enterprise’s CI/CD strategy
Discuss how to recommend tooling and workflows to teams within an enterprise
Explain how GitHub APIs can be used to extend the capabilities of the administrator from the user interface, such as querying or storing the audit log
Locate an asset from the GitHub Marketplace for a specific need (i.e., find the Azure Pipelines GitHub App in the Marketplace, install it, and configure it to deploy your code)
Contrast a GitHub App and an action (i.e., their permissions, how they’re built, how they’re consumed)
List the benefits and risks of using apps and actions from the GitHub Marketplace

Domain 2: Manage user identities and GitHub authentication (20%)
Manage user identities and GitHub authentication
List the implications of enabling SAML single sign-on (SSO) for an individual organization versus all organizations in an enterprise account
List the steps to enable and enforce SAML SSO for a single organization and multiple organizations using enterprise accounts
Explain how to require two-factor authentication (2FA) for an organization
Explain how to choose supported identity providers
Describe how identity management and authorization works on GitHub
List the consequences of a user’s membership in the instance, an organization, or multiple organizations
Describe the authentication and authorization model (specifically, how users get to the system, and how they’re granted access to specific things within GitHub)
List the supported SCIM providers (Azure, Okta, self-created)
Describe how the SCIM protocol works and how GitHub supports it
Describe how Team synchronization works
Contrast team synchronization and SCIM

Domain 3: Domain 3: Describe how GitHub is deployed, distributed, and licensed (5%)
Contrast the capabilities of GitHub Enterprise Server (GHES), GitHub Enterprise Cloud (GHEC), and GitHub AE (GHAE)
Describe GitHub Enterprise Cloud (GHEC)
Describe GitHub Enterprise Server (GHES)
Describe GitHub AE
Differentiate how products are billed, including seat licenses, GitHub Actions, and GitHub Packages
Describe pricing for GitHub Actions
Describe pricing and support options for organizations
Describe how to find statistics of license usage for a specific organization
Describe how to find statistics of license usage for machine accounts and peripheral services
Explain the consumption of metered products given a report (i.e., GitHub Actions minutes or storage for GitHub Packages)

Domain 4: Manage access and permissions based on membership (20%)
Define a GitHub organization
Explain the benefits and costs of deploying a single organization versus multiple organizations
Describe how to set default read permissions versus default write permissions across organizations
Describe Team sync through AD
Explain maintainability; writing scripts against multiple orgs and multiple access rights
Describe how to adjust enterprise policies and organization permissions in alignment with a company’s trust and control position
Describe enterprise permissions and policies
Define a GitHub organization
List the possible roles of an organization member
Contrast permissions for organization members, owners, and billing managers
Describe the difference between being an organization member and an outside collaborator
List the consequences of a user’s membership in an instance or organization
Explain how to give a user the minimum required permissions for repository, organization, or team access.
List the benefits and the drawbacks of creating a new organization
Describe team permissions
Define Teams in a GitHub organization
List the possible roles of a team member
Describe the different permission models
Repository permissions
Explain the actions of a user given a list of their permissions, such as repository role, team membership, or organization membership (https://github.com/organizations/<ORG_NAME>/settings/member_privileges)
List the repository membership options
Explain audit access to a repository

Domain 5: Enable secure software development and ensure compliance (15%)
Enable secure software development and ensure compliance
Explain how GitHub supports the enterprise’s security posture
Describe scrubbing sensitive data from a Git repository (filter-branch/BFG)
Describe scrubbing sensitive data from GitHub (contacting support)
Explain how to choose a policy based on how much control is required
Explain the impacts of choosing a specific set of policies
Define organization policies
Define enterprise policies
Describe how to use the audit log APIs (Rest and GraphQL) to explain a missing asset
Define the use case for audit logs
Describe security and compliance concepts with GitHub
Explain how to provide reports for auditing
Define and explain the importance of the security features of a GitHub repository
Explain the importance of a security policy
Define a vulnerability
Describe a vulnerable dependency
Explain the importance of secret scanning
Explain the importance of code scanning
Describe automated code scanning (CodeQL)
Explain the dependency graph
Explain the importance of a security advisory
Describe Dependabot
Detect and fix outdated dependencies with security vulnerabilities
Describe security vulnerability alerts
Create and implement a security response plan that addresses sensitive data on a GitHub repository
Describe how to use SSH keys and Deploy keys to access repository data
API access and integrations
List supported access tokens (e.g. PAT, Installation Tokens, OAuth and GitHub app OAuth tokens, Device Tokens, Refresh tokens)
Explain how to find a token’s rate limits
Describe GitHub Apps, their repository permissions, user permissions, and event subscriptions
Describe OAuth Apps, their permissions, and event subscriptions
Contrast the use of a personal access token (PAT) or a GitHub App for authenticating a machine account
Describe the use of machine accounts versus GitHub apps
Explain how to approve or deny user-created GitHub Apps and OAuth apps based on a security policy
Define an enterprise managed user (EMU)

Domain 6: Manage GitHub Actions (20%)
Distribute actions and workflows to the enterprise
Identify reuse templates for actions and workflows
Define an approach for managing and leveraging reusable components (i.e., repos for storage, naming conventions for files/folders, plans for ongoing maintenance)
Define how to distribute actions for an enterprise
Explain how to control access to actions within the enterprise
Configure organizational use policies for GitHub Actions
Manage runners for the enterprise
Describe the effects of configuring IP allow lists on GitHub-hosted and self-hosted runners
Configure IP allow lists on internal applications and systems to allow interaction with GitHub-hosted runners
List the effects and potential abuse vectors of enabling self-hosted runners on public repositories
Select appropriate runners to support workloads (i.e., using a self-hosted versus GitHub-hosted runner, choosing supported operating systems)
Contrast GitHub-hosted and self-hosted runners
Configure self-hosted runners for enterprise use (i.e., including proxies, labels, networking)
Manage self-hosted runners using groups (i.e., managing access, moving runners into and between groups)
Monitor, troubleshoot, and update self-hosted runners
Manage encrypted secrets in the enterprise
Identify the scope of encrypted secrets
Explain how to access encrypted secrets within actions and workflows
Explain how to manage organization-level encrypted secrets
Describe how to manage repository-level encrypted secrets
Describe how to use third-party vaults

Domain 7: Manage GitHub Packages (5%)
Describe which GitHub Packages are supported
Describe how to access, write, and share GitHub Packages
Describe how to use GitHub Packages in workflows (i.e., with GitHub Actions or other CI/CD tools)
Explain the differences and use cases between GitHub Packages and releases

GH-100 Brain Dumps Exam + Online / Offline and Android Testing Engine & 4500+ other exams included
$50 - $25 (you save $25)
Buy Now

QUESTION 1
You have subscribed to GitHub Premium Support, and you need to submit a support ticket. GitHub Premium Support can help you with:

A. writing scripts.
B. installing GitHub Enterprise Server.
C. setting up hardware.
D. integrating with third-party applications.

Answer: B

Explanation:
GitHub Premium Support includes assistance with installing and using GitHub Enterprise Server,
ensuring your deployment is configured correctly and any installation issues are resolved.

QUESTION 2
You need to contact GitHub Premium Support. What are valid reasons for submitting a support ticket? (Each answer presents a complete solution. Choose two.)

A. license renewal
B. hardware setup issues or errors
C. business impact from security issues within your organization
D. outages on GitHub.com affecting core Git functionality

Answer: C, D

Explanation:
Business-impact security issues (for example, a critical vulnerability affecting your organization) are
classified as High-priority tickets and are covered under your Premium Support SLA.
Outages on GitHub.com that disrupt core Git or web application functionality trigger Urgent-priority
responses under Premium Supports SLA.

QUESTION 3
Which of the following is a key benefit of using GitHub Marketplace Apps in an enterprise?

A. They guarantee no downtime during enterprise GitHub maintenance windows
B. They often include integrations with external services, reducing the need for custom code
C. Apps eliminate the need for GitHub Actions entirely
D. All apps come pre-approved by GitHub's internal security team

Answer: B

Explanation:
GitHub Marketplace Apps come with built-in integrations to external services - so you can plug in
things like CI servers, code-quality scanners, or deployment tools without writing and maintaining custom connectors.

QUESTION 4
You need to create a support bundle for your GitHub Enterprise Server instance with the hostname
ghe.avocado.corp. What command should you use to create a support bundle?

A. ssh -p 122 adming@ghe.avocado.corp -- 'ghe-support-bundle -o' > support-bundle.tgz
B. ssh -p 122 adming@ghe.avocado.corp “ 'ghe-diagnostics' > support-bundle.tgz
C. curl -u admin https://ghe.avocado.corp/diagnostics/support-bundle.tgz -o
D. ssh -p 122 adming@ghe.avocado.corp -- 'ghe-config generate-support-bundle' > supportbundle.tgz

Answer: A

Explanation:
Run the ghe-support-bundle command over SSH on your appliance and redirect its output to a file.
For example:
ssh -p 122 admin@ghe.avocado.corp -- 'ghe-support-bundle -o' > support-bundle.tgz
This invokes the built-in support-bundle utility on your GitHub Enterprise Server instance and
captures the resulting archive locally.

QUESTION 5
What do you need to successfully generate a support bundle on a GitHub Enterprise Server?

A. Approval from GitHub Support
B. A custom GitHub Action in the root repo
C. Administrator SSH access to the appliance
D. A GitHub App with read:org permissions

Answer: C

GH-100 Brain Dumps Exam + Online / Offline and Android Testing Engine & 4500+ other exams included
$50 - $25 (you save $25)
Buy Complete

Students Feedback / Reviews/ Discussion

Mahrous Mostafa Adel Amin 1 week, 2 days ago - Abuhib- United Arab Emirates
Passed the exam today, Got 98 questions in total, and 2 of them weren’t from exam topics. Rest of them was exactly the same!
upvoted 4 times

Mbongiseni Dlongolo - South Africa2 weeks, 5 days ago
Thank you so much, I passed GH-100 today! 41 questions out of 44 are from Certkingdom
upvoted 2 times

Kenyon Stefanie 1 month, 1 week ago - USA State / Province = Virginia
Thank you so much, huge help! I passed GH-100 Microsoft today! The big majority of questions were from here.
upvoted 2 times

Danny 1 month, 1 week ago - United States CUSTOMER_STATE_NAME: Costa Mesa = USA
Passed the exam today, 100% points. Got 44 questions in total, and 3 of them weren’t from exam topics. Rest of them was exactly the same!

MENESES RAUL 93% 2 week ago - USA = Texas
was from this topic! I did buy the contributor access. Thank you certkingdom!
upvoted 4 times

Zemljaric Rok 1 month, 2 weeks ago - Ljubljana Slovenia
Cleared my exam today - Over 80% questions from here, many thanks certkingdom and everyone for the meaningful discussions.
upvoted 2 times

logged members Can Post comments / review and take part in Discussion

Enter Email

Enter Subject

Enter Comment

Certkingdom Offline Testing Engine Simulator Download

Prepare with yourself how CertKingdom Offline Exam Simulator it is designed specifically for any exam preparation. It allows you to create, edit, and take practice tests in an environment very similar to an actual exam.


Supported Platforms: Windows-7 64bit or later - EULA | How to Install?


FAQ's: Windows-8 / Windows 10 if you face any issue kinldy uninstall and reinstall the Simulator again.



Download Offline Simulator-Beta

Certkingdom Testing Engine Features

• Certkingdom Testing Engine simulates the real exam environment.
• Interactive Testing Engine Included
• Live Web App Testing Engine
• Offline Downloadable Desktop App Testing Engine
• Testing Engine App for Android
• Testing Engine App for iPhone
• Testing Engine App for iPad
• Working with the Certkingdom Testing Engine is just like taking the real tests, except we also give you the correct answers.
• More importantly, we also give you detailed explanations to ensure you fully understand how and why the answers are correct.

Certkingdom Android Testing Engine Simulator Download

Take your learning mobile android device with all the features as desktop offline testing engine. All android devices are supported.
Supported Platforms: All Android OS EULA

Install the Android Testing Engine from google play store and download the app.ck from certkingdom website android testing engine download

Certkingdom Android Testing Engine Features

• CertKingdom Offline Android Testing Engine
• Make sure to enable Root check in Playstore
• Live Realistic practice tests
• Live Virtual test environment
• Live Practice test environment
• Mark unanswered Q&A
• Free Updates
• Save your tests results
• Re-examine the unanswered Q & A
• Make your own test scenario (settings)
• Just like the real tests: multiple choice questions
• Updated regularly, always current