Amazon
Avaya
Cisco
CompTIA
CrowdStrike
EC-Council
EXIN
Fortinet
Google
ISC
ISC2
ITIL
Juniper
Microsoft
NVIDIA
Okta
Palo Alto Networks
Salesforce
All Vendors
  1. Home
  2. Microsoft
  3. GH-100

Microsoft GH-100 Exam (page: 2)
Microsoft GitHub Administration
Updated on: 12-Feb-2026

Viewing Page 2 of 10
GH-100 PDF 65 Questions

When comparing Group SCIM to Team Sync for identity management in GitHub Enterprise, which statement is Correct?

  1. Group SCIM requires less initial configuration than Team Sync.
  2. Team Sync supports more identity providers than Group SCIM.
  3. Team Sync provides more automated user deprovisioning than Group SCIM.
  4. Group SCIM enables centralized user and group management through the IdP.

Answer(s): D

Explanation:

GroupSCIM lets you manage both user accounts and group memberships centrally in your identity provider - automatically provisioning, updating, and deprovisioning users and groups in GitHub - whereas TeamSync only mirrors IdP group membership into existing GitHub teams.



Why is a GitHub App preferred over a PAT for machine authentication?

  1. GitHub Apps are required to pass SAML assertions
  2. GitHub Apps have time-limited installation tokens with scoped access
  3. PATs cannot be used in GitHub Actions
  4. PATs support fewer GitHub APIs than Apps

Answer(s): B

Explanation:

GitHub Apps issue short-lived installation tokens that you scope to only the permissions and repositories your automation needs, reducing blast radius and automatically rotating credentials.



You are planning GitHub account management for a healthcare organization with strict compliance requirements.
Which THREE of the following statements accurately describe GitHub Enterprise Managed Users (EMU) accounts? (Choose three.)

  1. EMU accounts can be used for both personal and enterprise repositories.
  2. EMU accounts are managed through an identity provider such as Azure AD.
  3. EMU accounts allow users to create and manage their own credentials.
  4. EMU accounts restrict users to enterprise-related activities only
  5. EMU accounts are created and managed by individual users.
  6. EMU accounts are owned by the organization and cannot be unlinked.

Answer(s): B,D,F

Explanation:

Enterprise Managed User accounts are provisioned and authenticated exclusively through your identity provider (for example, AzureAD), so the IdP handles their creation, attribute updates, and deprovisioning.
Managed user accounts cannot create public content or interact with repositories outside your enterprise; they're confined to private and internal repos within the enterprise. EMU accounts are owned and controlled by the enterprise (via the IdP) and cannot be converted into or unlinked as personal accounts outside that enterprise.



A GitHub Enterprise administrator is planning to implement SAML SSO across their company.
Which of the following correctly distinguishes enterprise-wide SAML SSO from organization-level SAML SSO?

  1. Enterprise-wide SAML SSO requires less initial administrative overhead than organization-level implementation.
  2. Enterprise-wide SAML SSO allows different organizations to use different authentication methods.
  3. Enterprise-wide SAML SSO immediately removes users who fail to authenticate via the IdP.
  4. Enterprise-wide SAML SSO ensures users authenticate through the same IdP across all organizations.

Answer(s): D

Explanation:

Enterprise-wide SAML SSO enforces a single IdP across all member organizations--its configuration overrides any per-organization SAML settings, so everyone must authenticate through the same provider.



What distinguishes Enterprise Managed Users (EMUs) from standard GitHub accounts?

  1. EMUs are fully controlled by an IdP and cannot log in with personal credentials
  2. EMUs can only be created using email invites
  3. EMUs are managed in GitHub and use GitHub authentication
  4. EMUs are only available for GitHub Enterprise Server

Answer(s): A

Explanation:

EMU accounts are provisioned and authenticated exclusively through your identity provider - users sign in via the IdP and cannot use or manage GitHub-native credentials.



Your organization is implementing team synchronization.
Which of the following should you prioritize during the setup process?

  1. Disabling the audit log stream
  2. Setting an infrequent sync schedule to reduce performance impact
  3. Allowing manual updates to team memberships
  4. Clearly define how identity provider groups will align with GitHub teams and roles

Answer(s): D

Explanation:

Before you enable team synchronization, you should clearly define how groups in your identity provider will map to GitHub teams and roles - ensuring that when the sync runs, users land in the correct teams with the right permissions.



What makes GitHub Apps a more secure choice for automation over OAuth Apps?

  1. GitHub Apps always require two-factor authentication.
  2. GitHub Apps can only be installed by organization owners.
  3. GitHub Apps are limited to read-only access and cannot write to repositories.
  4. GitHub Apps authenticate as an app with fine-grained permissions, not as a user.

Answer(s): D

Explanation:

GitHub Apps authenticate as themselves with fine-grained, installation-scoped permissions and short-lived tokens - rather than inheriting a user's broad OAuth scopes - minimizing blast radius and aligning with least-privilege principles.



Why would a GitHub App be favored over a machine account for automation tasks?

  1. Machine accounts are required for webhook delivery.
  2. GitHub Apps provide a higher rate limit ceiling than using a personal access token on a machine account, when they use an install token and are owned by a GitHub Enterprise Cloud licensed enterprise.
  3. GitHub Apps are limited to a single repository.
  4. Machine accounts are easier to audit than GitHub Apps.

Answer(s): B

Explanation:

GitHub Apps authenticate with short-lived installation tokens scoped to fine-grained permissions and, when owned by a GitHub Enterprise Cloud organization, enjoy a higher rate limit (15,000 requests/hour) compared to a machine account's personal access token.



Viewing Page 2 of 10



Share your comments for Microsoft GH-100 exam with other users:

sachin 12/27/2023 2:45:00 PM

question 232 answer should be perimeter not netowrk layer. wrong answer selected
Anonymous


tomAws 7/18/2023 5:05:00 AM

nice questions
BRAZIL


Rahul 6/11/2023 2:07:00 AM

hi team, could you please provide this dump ?
INDIA


TeamOraTech 12/5/2023 9:49:00 AM

very helpful to clear the exam and understand the concept.
Anonymous


Curtis 7/12/2023 8:20:00 PM

i think it is great that you are helping people when they need it. thanks.
UNITED STATES


sam 7/17/2023 6:22:00 PM

cannot evaluate yet
Anonymous


nutz 7/20/2023 1:54:00 AM

a laptops wireless antenna is most likely located in the bezel of the lid
UNITED STATES


rajesh soni 1/17/2024 6:53:00 AM

good examplae to learn basic
INDIA


Tanya 10/25/2023 7:07:00 AM

this is useful information
Anonymous


Nasir Mahmood 12/11/2023 7:32:00 AM

looks usefull
Anonymous


Jason 9/30/2023 1:07:00 PM

question 81 should be c.
CANADA


TestPD1 8/10/2023 12:22:00 PM

question 18 : response isnt a ?
EUROPEAN UNION


ally 8/19/2023 5:31:00 PM

plaese add questions
TURKEY


DIA 10/7/2023 5:59:00 AM

is dumps still valid ?
FRANCE


Annie 7/7/2023 8:33:00 AM

thanks for this
EUROPEAN UNION


arnie 9/17/2023 6:38:00 AM

please upload questions
Anonymous


Tanuj Rana 7/22/2023 2:33:00 AM

please upload the question dump for professional machinelearning
Anonymous


Future practitioner 8/10/2023 1:26:00 PM

question 4 answer is c. this site shows the correct answer as b. "adopt a consumption model" is clearly a cost optimization design principle. looks like im done using this site to study!!!
Anonymous


Ace 8/3/2023 10:37:00 AM

number 52 answer is d
UNITED STATES


Nathan 12/17/2023 12:04:00 PM

just started preparing for my exam , and this site is so much help
Anonymous


Corey 12/29/2023 5:06:00 PM

question 35 is incorrect, the correct answer is c, it even states so: explanation: when a vm is infected with ransomware, you should not restore the vm to the infected vm. this is because the ransomware will still be present on the vm, and it will encrypt the files again. you should also not restore the vm to any vm within the companys subscription. this is because the ransomware could spread to other vms in the subscription. the best way to restore a vm that is infected with ransomware is to restore it to a new azure vm. this will ensure that the ransomware is not present on the new vm.
Anonymous


Rajender 10/18/2023 3:54:00 AM

i would like to take psm1 exam.
Anonymous


Blessious Phiri 8/14/2023 9:53:00 AM

cbd and pdb are key to the database
SOUTH AFRICA


Alkaed 10/19/2022 10:41:00 AM

the purchase and download process is very much streamlined. the xengine application is very nice and user-friendly but there is always room for improvement.
NETHERLANDS


Dave Gregen 9/4/2023 3:17:00 PM

please upload p_sapea_2023
SWEDEN


Sarah 6/13/2023 1:42:00 PM

anyone use this? the question dont seem to follow other formats and terminology i have been studying im getting worried
CANADA


Shuv 10/3/2023 8:19:00 AM

good questions
UNITED STATES


Reb974 8/5/2023 1:44:00 AM

hello are these questions valid for ms-102
CANADA


Mchal 7/20/2023 3:38:00 AM

some questions are wrongly answered but its good nonetheless
POLAND


Sonbir 8/8/2023 1:04:00 PM

how to get system serial number using intune
Anonymous


Manju 10/19/2023 1:19:00 PM

is it really helpful to pass the exam
Anonymous


LeAnne Hair 8/24/2023 12:47:00 PM

#229 in incorrect - all the customers require an annual review
UNITED STATES


Abdul SK 9/28/2023 11:42:00 PM

kindy upload
Anonymous


Aderonke 10/23/2023 12:53:00 PM

fantastic assessment on psm 1
UNITED KINGDOM