GH-100 Exam Dumps - Microsoft GitHub Administrator Questions and Answers

Self‑hosted runners support custom pre‑and post‑job scripts via runner hooks, letting you run arbitrary scripts before a job starts and after it finishes - capabilities not available on GitHub‑hosted runners.

Delete branch operations aren’t tracked as Git-activity events; the Git activity audit log only records Git events such as clone, fetch (pull), and push.

You need a GitHub App. Marketplace integrations that listen for events like repository.created and send notifications are delivered as GitHub Apps, since they can subscribe to organization‑level webhooks without you writing custom code.

Each API call authenticated with a token generates its own audit-log event, so you’ll see a distinct entry for every action performed across different resources, each annotated with the token’s hashed ID, actor, and source IP.

You set the access policy on the Organization Secret itself - configuring its visibility so it’s scoped automatically to only internal and private repositories.

Use the Repository Settings → Manage Access page to view all users and teams with access and their assigned permission levels.

GitHub App Installation Access Tokens are privileged to the exact permissions you grant the App - down to individual repositories - and rotate automatically, making them the recommended choice for CI/CD automation workflows that demand least‑privilege, fine‑grained access.

By defining the API key as an organization secret, you centralize management and can grant access only to the subset of repositories you choose - eliminating per‑repo duplication while enforcing the desired scope.

The administrator should first review the user’s repository role and the branch protection rules applied to that branch. A 403 error on push almost always indicates that the user either lacks the necessary write permissions or is not listed among the actors authorized by the branch protection settings.