Question 2 - Microsoft GH-500 Real Exam Questions [Jan 2026 Update]

Q: 2

– [Configure and Use Secret Scanning] What is a prerequisite to define a custom pattern for a repository?

Options

Correct Answer:

Explanation

Custom patterns are an advanced configuration of the secret scanning feature. The base secret scanning functionality must be active before you can extend it with custom rules. Enabling secret scanning is the foundational step that allows the system to scan for secrets. Once enabled, you can then augment its capabilities by defining custom patterns for the repository, organization, or enterprise. Without the core feature being enabled, there is no scanning engine to which custom patterns can be applied.

Why Incorrect

A. Change the repository visibility to Internal: Secret scanning and custom patterns are available for various repository visibilities (private, internal, and public on Enterprise), not just 'Internal'. This is not a required prerequisite step.

B. Close other secret scanning alerts: The state of existing alerts is irrelevant to the configuration of new scanning patterns. Alert management and pattern definition are separate, independent administrative tasks.

C. Specify additional match criteria: This is an optional step during the process of defining a custom pattern to reduce false positives, not a prerequisite before you can start defining one.

References

1. GitHub Docs

"Defining custom patterns for secret scanning." Under the "Prerequisites" section

the documentation explicitly states: "Before you can define a custom pattern for your repository

you must enable secret scanning for your repository." This document also confirms that custom patterns are a feature of GitHub Advanced Security.

2. GitHub Docs

"Configuring secret scanning for your repositories." This page details the process of enabling the feature

which is the necessary first step before any advanced configuration

such as adding custom patterns

can be performed. It establishes enabling the feature as the primary action.

3. GitHub Docs

"About secret scanning." This document provides an overview of the feature

explaining that it is enabled at the repository or organization level. This foundational enablement is a prerequisite for all subsequent configurations

including custom patterns.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE