Question #1*

Which of the following statements are true regarding the use of GitHub Actions
on a GitHub Enterprise Server instance? (Choose three.)
A. Use of GitHub Actions on GitHub Enterprise Server requires a persistent internet
connection
B. Actions created by GitHub are automatically available and cannot be disabled
C. Most GitHub authored actions are automatically bundled for use on GitHub
Enterprise Server
D. Third party actions can be used on GitHub Enterprise Server by configuring
GitHub Connect
E. Actions must be defined in the .github repository
F. Third party actions can be manually synchronized for use on GitHub Enterprise
Server

Correct Answer: A,D,F

GitHub Actions on GitHub Enterprise Server often requires an internet connection,

especially for accessing actions from the GitHub Marketplace or third-party actions
unless they are manually synced to the server.
To use third-party actions on GitHub Enterprise Server, GitHub Connect can be used
to establish a connection between the server and GitHub.com, enabling access to
third-party actions.
Third-party actions can also be manually synchronized to the GitHub Enterprise
Server, making them available for use in workflows.

Question #2
Which workflow commands send information from the runner? (Choose two.)
A. reading from environment variables
B. setting a debug message
C. populating variables in a Dockerfile
D. setting output parameters

Correct Answer: B,D

Setting a debug message using ::debug:: command sends a message to the logs,
helping with troubleshooting and providing insight into the workflow run.
Setting output parameters using ::set-output sends data from a job step to subsequent
steps or jobs, which can be used later in the workflow.

Question #3
As a DevOps engineer, you are trying to leverage an organization secret in a
repo. The value received in the workflow is not the same as that set in the secret.
What is the most likely reason for the difference?
A. There is a different value specified at the repo level.
B. There is a different value specified at the workflow level.
C. The Codespace secret doesn't match the expected value.
D. The Encrypt Secret setting was not configured for the secret.
E. There is a different value specified at the enterprise level.

Correct Answer: A

GitHub secrets are defined at different levels: organization, repository, and sometimes
at the workflow level.
If a secret is defined at both the organization level and the repository level, the
repository-level secret will take precedence. So, if the value of the secret differs
between these levels, the workflow will use the value from the repository level instead
of the organization level.

Question #4*
Your organization is managing secrets using GitHub encrypted secrets,
including a secret named SuperSecret.
As a developer, you need to create a version of that secret that contains a
different value for use in a workflow that is scoped to a specific repository
named MyRepo. How should you store the secret to access your specific version
within your workflow?
A. Create a duplicate entry for SuperSecret in the encrypted secret store and specify
MyRepo as the scope.
B. Create MyRepo_SuperSecret in GitHub encrypted secrets to specify the scope to
MyRepo.
C. Create a file with the SuperSecret. information in the .qithub/secrets folder in
MyRepo.
D. Create and access SuperSecret from the secrets store in MyRepo.
Correct Answer: B

To scope a secret to a specific repository, you can create a new secret with a name
like MyRepo_SuperSecret in the secrets section of the MyReporepository's settings.
This ensures that the secret is specific to that repository and can be used within its
workflows.

Question #5
Which files are required for a Docker container action in addition to the source
code? (Choose two.)
A. Dockerfile
B. Actionfile
C. metadata.yml
D. action.yml

Correct Answer: A,D

Dockerfile: TheDockerfile is required for Docker container actions. It defines the

environment for the action, specifying the base image, dependencies, and any
commands to set up the action's runtime inside the container.
action.yml: The action.yml file is required for all GitHub Actions, including Docker
container actions. It contains metadata about the action, including the inputs, outputs,
and the runtime environment (which in this case is Docker, defined underruns.using).

Question #6
A development team has been using a Powershell script to compile and package
their solution using existing tools on a Linux VM, which has been configured as a
self-hosted runner. They would like to use the script as- is in an automated
workflow. Which of the following should they do to invoke their script within a
workflow step?
A. Configure a self-hosted runner on Windows with the requested tools.
B. Use the YAML powershell: step.
C. Run the pwsh2bash command to convert the script so it can be run on Linux.
D. Use the YAML shell: pwsh in a run step.
E. Use the actions/run-powershell action to invoke the script.
Correct Answer: DxxxSince the self-hosted runner is configured on a Linux VM and
the script is written in PowerShell, you can invoke the script using the pwsh
(PowerShell Core) shell in a run step in the workflow. This ensures that the script runs
as-is on the Linux runner, as PowerShell Core (pwsh) is cross-platform and supports
Linux.

Question #7
Which workflow command would output the debug message "action successfully
debugged"?
A. echo :debug::message=action successfully debugged"
B. echo "debug-action successfully debugged"
C. echo "::debug::action successfully debugged"
D. echo ":debug:action successfully debugged:"

Correct Answer: C

The ::debug:: syntax is used to output debug messages in GitHub Actions workflows.
This command will print the message "action successfully debugged" in the debug
logs when the workflow runs.

Question #8
As a developer, you are optimizing a GitHub workflow that uses and produces
many different files. You need to determine when to use caching versus workflow
artifacts. Which two statements are true? (Choose two.)
A. Use caching when reusing files that change rarely between jobs or workflow runs.
B. Use artifacts when referencing files produced by a job after a workflow has ended.
C. Use caching to store cache entries for up to 30 days between accesses.
D. Use artifacts to access the GitHub Package Registry and download a package for a
workflow

Correct Answer: A,B

Caching is ideal for files that change rarely, such as dependencies or build outputs, as
it speeds up subsequent workflow runs by reusing previously cached files instead of
re-downloading or rebuilding them.
Artifacts are used for persisting files produced during a job that need to be used in
later jobs or after the workflow has ended, allowing them to be downloaded or
referenced later.

Question #9
As a developer, you need to integrate a GitHub Actions workflow with a third-
party code quality provider that uses the Checks API. How should you trigger a
follow-up workflow?
A. Add the workflow_run webhook event as a trigger for the workflow for the code
quality integration name
B. Add the check_run webhook event as a trigger for the workflow when the code
quality integration is completed
C. Add the pull_request webhook event as a trigger for the workflow when the code
quality integration is synchronized
D. Add the deployment webhook event as a trigger for the workflow when the code
quality integration is completed

Correct Answer: B

Thecheck_runevent is triggered when a check (such as a code quality check)

completes, including when the status of a check changes. By adding this event as a
trigger, you can initiate a follow-up workflow when the code quality integration
finishes its checks.

Question #10*
As a developer, which workflow steps should you perform to publish an image to
the GitHub Container Registry? (Choose three.)
A. Use the actions/setup-docker action
B. Authenticate to the GitHub Container Registry.
C. Build the container image.
D. Push the image to the GitHub Container Registry
E. Pull the image from the GitHub Container Registry.

Correct Answer: A,B,D

A: Use the actions/setup-docker action

B: Authenticate to the GitHub Container Registry.
C: Build the container image.
D: Push the image to the GitHub Container Registry
E: Pull the image from the GitHub Container Registry.

Question #11
You need to make a script to retrieve workflow run logs via the API. Which is
the correct API to download a workflow run log?
A. POST /repos/:owner/:repo/actions/runs/:run_id
B. GET /repos/:owner/:repo/actions/artifacts/logs
C. GET /repos/:owner/:repo/actions/runs/:run_id/logs
D. POST /repos/:owner/:repo/actions/runs/:run_id/logs

Correct Answer: C

The GET /repos/:owner/:repo/actions/runs/:run_id/logs API endpoint is used to

retrieve the logs of a specific workflow run identified by run_id. This is the correct
method for downloading logs from a workflow run.

Question #12
Which syntax correctly accesses a job output (output1) of an upstream job (job1)
from a dependent job within a workflow?
A. ${{needs.job1.outputs.output1}}
B. ${{needs.job1.output1}}
C. ${{depends.job1.output1}}
D. ${{job1.outputs.output1}}

Correct Answer: A

Theneedscontext is used to reference the outputs of jobs that are dependencies of the
current job. In this case, needs.job1.outputs.output1correctly accesses the output
ofoutput1from the jobjob1in the dependent job.

Question #13
Where should workflow files be stored to be triggered by events in a repository?
A. .github/workflows/
B. .github/actions/
C. Nowhere; they must be attached to an act on in the GitHub user interface
D. anywhere
E. .workflows/

Correct Answer: A

Workflow files must be stored in the .github/workflows/ directory of the repository.

This is the standard location for GitHub Actions workflow files, and workflows in this
directory are automatically triggered by events defined in the file, such as pushes, pull
requests, or other GitHub events.

Question #14**
How should you install the bats NPM package in your workflow?
A.
jobs :
example-job:
steps:
- npm install -g bats
B.
jobs :
steps:
- run: npm install -g bats
C.
jobs :
runs-on: ubuntu-latest
- run: npm install -g bats
D.
jobs :
example-job:
runs-on: ubuntu-latest
steps:
- run: npm install -g bats

Correct Answer: D

The correct syntax includes specifying the job (example-job), the runner (ubuntu-
latest), and the necessary step (npm install -g bats) within the workflow. This ensures
that the package is installed properly during the execution of the job.
Question #15*
Which scopes are available to define custom environment variables within a
workflow file? (Choose three.)
A. the entire workflow, by using env at the top level of the workflow file
B. all jobs being run on a single Actions runner, by using runner.env at the top of the
workflow file
C. the entire stage, by using env at the top of the defined build stage
D. within the run attribute of a job step
E. the contents of a job within a workflow, by using jobs.<job_id>.env
F. a specific step within a job, by using jobs.<job_id>.steps[*].env

Correct Answer: A,D,F AEF

You can define environment variables for the entire workflow by using the env key at
the top level of the workflow file. These environment variables will be available to all
jobs and steps within the workflow.
Environment variables can also be set within the run attribute of a job step, and these
variables will be scoped only to that specific step.
You can set environment variables for specific steps within a job by using
jobs.<job_id>.steps[*].env, which allows you to define variables that will only be
available to that step.

Question #16
Which default GitHub environment variable indicates the name of the person or
app that initiated a workflow?
A. ENV_ACTOR
B. GITHUB_WORKFLOW_ACTOR
C. GITHUB_ACTOR
D. GITHUB_USER

Correct Answer: C

The GITHUB_ACTOR environment variable indicates the name of the person or app
that initiated the workflow. This variable is automatically provided by GitHub in the
workflow and can be used to identify the user or application triggering the workflow.
Question #17
When reviewing an action for use, what file defines its available inputs and
outputs?
A. inputs.yml
B. config.json
C. defaults.json
D. workflow.yml
E. action.yml

Correct Answer: E

The action.yml file defines the inputs and outputs for a GitHub Action. This file
contains metadata about the action, including the required inputs and outputs, as well
as other configurations like the action's description, runs, and environment setup.

Question #18
As a developer, you are using a Docker container action in your workflow. What
is required for the action to run successfully?
A. The job env must be set to a Linux environment.
B. The job runs-on must specify a Linux machine with Docker installed.
C. The referenced action must be hosted on Docker Hub.
D. The action must be published to the GitHub Marketplace.

Correct Answer: B

For a Docker container action to run in a GitHub Actions workflow, the runner must
have Docker installed.
The runs-on attribute of the job should specify an environment that supports Docker,
typically a Linux environment (e.g., ubuntu-latest), since Docker is widely supported
and commonly used in Linux-based environments.

Question #19
You need to create new workflows to deploy to an unfamiliar cloud provider.
What is the fastest and safest way to begin?
A. Create a custom action to wrap the cloud provider's CLI.
B. Search GitHub Marketplace for verified actions published by the cloud provider.
C. Use the actions/jenkins-plugin action to utilize an existing Jenkins plugin for the
cloud provider.
D. Search GitHub Marketplace for actions created by GitHub.
E. Download the CLI for the cloud provider and review the associated documentation.

Correct Answer: B

Searching the GitHub Marketplace for verified actions published by the cloud
provider is the quickest and safest approach. Many cloud providers offer verified
GitHub Actions that are maintained and optimized to interact with their services.
These actions typically come with the correct configurations and best practices,
allowing you to get started quickly without reinventing the wheel.

Question #20
As a developer, what options should you recommend to implement standards for
automation reuse? (Choose two.)
A. Create workflow templates and store them in the organization's .github repository.
B. Create reusable actions and workflows that can be called from other workflows.
C. Create a marketplace partition to publish reusable automation for the company.
D. Store shared corporate actions in subfolders in a defined and documented
internally accessible repository.

Correct Answer: A,B

Creating workflow templates in the organization's .github repository allows the

organization to standardize workflows and make them easily reusable across multiple
repositories. This ensures consistency and simplifies maintenance.
Creating reusable actions and workflows that can be called from other workflows
helps modularize and standardize automation tasks. These reusable components can
be maintained centrally and called from different workflows across repositories.

Question #21
What is the right method to ensure users approve a workflow before the next
step proceeds?
A. creating a branch protection rule and only allow certain users access
B. granting users workflow approval permissions
C. adding users as required reviewers for an environment
D. granting users repository approval permissions

Correct Answer: C

GitHub Actions allows you to configure environment protection rules, where you can
require specific users or teams to approve the deployment before the workflow
proceeds to the next step. This ensures that the required reviewers approve the
workflow before any sensitive actions (such as deployment) occur.

Question #22
As a developer, you are optimizing a GitHub workflow that uses and produces
many different files. You need to determine when to use caching versus workflow
artifacts. Which two statements are true? (Choose two.)
A. Use artifacts when referencing files produced by a job after a workflow has ended.
B. Use caching to store cache entries for up to 30 days between accesses.
C. Use artifacts to access theGitHub Package Registry and download a package for a
workflow
D. Use caching when reusing files that change rarely between jobs or workflow runs.

Correct Answer: A,D

Question #23
In which locations can actions be referenced by workflows? (Choose three.)
A. a separate public repository
B. an .action extension file in the repository
C. the same repository as the workflow
D. a published Docker container image on Docker Hub
E. the runs-on: keyword of a workflow file
F. the repository's Secrets settings page
G. a public NPM registry

Correct Answer: A,C,D

Actions can be stored in a separate public repository and referenced in workflows by

specifying the repository and action name.
Actions can also be stored in the same repository as the workflow and referenced
directly by their path (e.g., ./.
github/actions/my-action).
Actions can be packaged as Docker container images and published to Docker Hub.
These can then be referenced in workflows by specifying the Docker image.

Question #24
Disabling a workflow allows you to stop a workflow from being triggered
without having to delete the file from the repo. In which scenarios would
temporarily disabling a workflow be most useful? (Choose two.)
A. A workflow sends requests to a service that is down.
B. A workflow error produces too many, or wrong, requests, impacting external
services negatively.
C. A workflow is configured to run on self-hosted runners
D. A workflow needs to be changed from running on a schedule to a manual trigger
E. A runner needs to have diagnostic logging enabled.

Correct Answer: A,B

If a workflow depends on an external service that is down, disabling the workflow

temporarily will prevent it from running and sending requests to the service, thus
avoiding failed requests or unnecessary retries.
If a workflow is causing a negative impact on external services by generating too
many requests or incorrect data due to a bug, temporarily disabling the workflow will
stop this behavior while the issue is fixed.

Question #25
Which of the following scenarios requires a developer to explicitly use the
GITHUB_TOKEN or github.token secret within a workflow? (Choose two.)
A. passing the GITHUB_TOKEN secret to an action that requires a token as an input
B. making an authenticated GitHub API request
C. checking out source code with the actions/checkout@v3 action
D. assigning non-default permissions to the GITHUB_TOKEN

Correct Answer: A,B

Some actions may require a GITHUB_TOKEN as an input to authenticate and

perform specific tasks, such as creating issues, commenting on pull requests, or
interacting with the GitHub API. In such cases, you would need to explicitly pass the
token to the action.
When making an authenticated GitHub API request, the GITHUB_TOKEN is
required to authenticate the request. This token is automatically provided by GitHub
in the workflow, and it must be explicitly used when interacting with the GitHub API.

Question #26
You installed specific software on a Linux self-hosted runner. You have users
with workflows that need to be able to select the runner based on the identified
custom software. Which steps should you perform to prepare the runner and
your users to run these workflows? (Choose two.)
A. Create the group custom-software-on-linux and move the runner into the group.
B. Inform users to identify the runner based on the group.
C. Add the label custom-software to the runner.
D. Configure the webhook and network to enable GitHub to trigger workflow.
E. Add the label linux to the runner.

Correct Answer: B,C

Once the runner is properly configured and labeled, users should be informed to select
the specific runner by identifying the label or group name when defining the runner in
their workflows.
Adding a custom label (likecustom-software) to the runner makes it easier for users to
select the runner in their workflows by using theruns-onkey, which allows them to
choose this specific runner based on its label.

Question #27
Which workflow event is used to manually trigger a workflow run?
A. create
B. workflow_dispatch
C. workflow_run
D. status

Correct Answer: B

The workflow_dispatch event is used to manually trigger a workflow run in GitHub

Actions. You can specify this event in the workflow file to allow users to manually
trigger the workflow from the GitHub UI, often with optional input parameters.
Question #28
What metadata file in a custom action defines the main entry point?
A. action.js
B. index.js
C. action.yml
D. main.yml

Correct Answer: C

The action.yml file is the metadata file in a custom GitHub Action that defines the
main entry point, including information such as the inputs, outputs, description, and
the runs key that specifies the main entry point (e.g., a script or a Docker container).

Question #29*
Which default GitHub environment variable indicates the owner and repository
name?
A. REPOSITORY NAME
B. GITHUB REPOSITORY
C. ENV REPOSITORY
D. GITHUB WORKFLOW REPO

Correct Answer: A

The GITHUB_REPOSITORY environment variable contains the owner and

repository name in the format owner/repository. It is automatically provided by
GitHub Actions and can be used to reference the repository in workflows.

Question #30
You are a developer working on developing reusable workflows for your
organization. What keyword should be included as part of the reusable workflow
event triggers?
A. check_run
B. workflow_run
C. workflow_call
D. pull_request
Correct Answer: C

The workflow_call event is used to trigger a reusable workflow from another

workflow. This allows you to create workflows that can be reused in multiple places
within your organization, enabling better modularity and reducing duplication.

Question #31
Based on the YAML below, which two statements are correct? (Choose two.)
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v1
with:
node-version: 12
- run: npm ci
- run: npm test

publish-npm:
needs: build
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v1
with:
node-version: 12
- run: npm ci
- uses: JS-DevTools/npm-publish@v1
with:
token: ${{ secrets.NPM_TOKEN } }

A. This workflow will publish a package to an npm registry.

B. This workflow will publish a package to GitHub Packages.
C. This workflow file is using a matrix strategy.
D. The workflow job publish-npm will only run after the build job passes.
Correct Answer: A,D

The publish-npm job includes the JS-DevTools/npm-publish action, which is used to

publish an npm package to an npm registry.
The publish-npm job has the needs: build directive, meaning it will only run after the
build job successfully completes.

Question #32
In which scenarios could the GITHUB_TOKEN be used? (Choose two.)
A. to leverage a self-hosted runner
B. to create a repository secret
C. to publish to GitHub Packages
D. to create issues in the repo
E. to read from the file system on the runner
F. to add a member to an organization

Correct Answer: C,D

The GITHUB_TOKEN is automatically provided by GitHub in workflows and can be

used to authenticate API requests to GitHub, including publishing packages to GitHub
Packages.
The GITHUB_TOKEN is also used to authenticate API requests for actions like
creating issues, commenting, or interacting with pull requests within the same
repository.

Question #33*
How many jobs will result from the following matrix configuration?
strategy:

matrix:
color: [green, pink]
animal: [owl, magpie]
include:
- color: blue
animal: owl
- color: pink
animal: magpie
A. 3 jobs
B. 4 jobs
C. 5 jobs
D. 6 jobs

Correct Answer: D

The matrix configuration specifies two variables: color and animal. The color variable
has 2 values (green and pink), and the animal variable has 2 values (owl and magpie).
This would result in 4 combinations (2 color values × 2 animal values). Additionally,
the include section introduces two more combinations (color: blue and animal: owl;
color: pink and animal: magpie).

Question #34*
Which of the following scenarios would require the use of self-hosted runners
instead of GitHub-hosted runners?
A. running more than the three concurrent workflows supported by GitHub-hosted
runners
B. exceeding 50,000 monthly minutes of build time
C. using Docker containers as part of the workflow
D. using specialized hardware configurations required for workflows
E. performing builds on macOS

Correct Answer: A,D

GitHub-hosted runners have a limit on the number of concurrent workflows (typically

20 for free-tier accounts and 5 for enterprise). If your organization needs to run more
workflows simultaneously, you would need to use self-hosted runners to increase the
available concurrency.
Self-hosted runners allow you to configure specialized hardware or software setups
that are necessary for certain workflows. GitHub-hosted runners may not have access
to custom hardware configurations like GPUs or other specialized resources, so self-
hosted runners are required in such cases.

Question #35
You have exactly one Windows x64 self-hosted runner, and it is configured with
custom tools. Which syntax could you use in the workflow to target that runner?
A. self-hosted: [windows-x64]
B. runs-on: [self-hosted, windows, x64]
C. runs-on: windows-latest
D. self-hosted: [windows, x64]

Correct Answer: B

The runs-on keyword allows you to specify the operating system and other labels for
the runner. By specifying self-hosted, windows, and x64, you are targeting a self-
hosted Windows runner that matches these criteria, which aligns with the custom
configuration of your self-hosted runner.

Question #36
As a developer, how can you identify a Docker container action on GitHub?
A. The action's repository includes @actions/core in the root directory.
B. The action's repository name includes the keyword "Docker."
C. The action.yml metadata file references a Dockerfile file.
D. The action.yml metadata file has the runs.using value set to Docker.

Correct Answer: D

In a Docker container action, theaction.ymlfile includes theruns.usingfield, which is

set todockerto specify that the action runs inside a Docker container. This is the key
indicator that the action is a Docker container action.

Question #37
As a developer, you want to review the step that caused a workflow failure and
the failed step's build logs.
First navigate to the main page of the repository on GitHub. Which section
contains the step failure information?
A. Insights
B. Code
C. Actions
D. Pull requests
E. Issues

Correct Answer: C
The Actions tab on the main page of the repository is where you can find detailed
information about the workflow runs, including step failures and build logs. You can
review the status of each job and step within the workflow, see the failure messages,
and access logs for debugging.

Question #38
What are the two ways to pass data between jobs? (Choose two.)
A. Use the copy action with restore parameter to restore the data from the cache
B. Use the copy action to save the data that should be passed in the artifacts folder.
C. Use the copy action with cache parameter to cache the data
D. Use data storage.
E. Use job outputs
F. Use artifact storage.

Correct Answer: E,F

Job outputs are used to pass data from one job to another in a workflow. A job can
produce output values (like variables or files), which can be referenced by subsequent
jobs using theneedskeyword and${{ steps.step_id.
outputs.output_name }}syntax.
Artifact storage allows data (such as files or results) to be saved by a job and then
retrieved by another job in a later step. This is commonly used for passing large
amounts of data or files between jobs.

Question #39
Without the need to use additional infrastructure, what is the simplest and most
maintainable method for configuring a workflow job to provide access to an
empty PostgreSQL database?
A. Use service containers with a Postgres database from Docker hub.
B. Run the actions/postgres action in a parallel job.
C. It is currently impossible to access the database with GitHub Actions.
D. Dynamically provision and deprovision an environment.

Correct Answer: A

GitHub Actions supports the use of service containers, which allows you to spin up a
PostgreSQL database (or any other service) in a Docker container during your
workflow. You can pull a PostgreSQL image from Docker Hub, and the container
will automatically be available to your workflow job. This method requires no
additional infrastructure and is easy to configure and maintain, as you simply define
the container in the workflow file.

Question #40
Which default environment variable specifies the branch or tag that triggered a
workflow?
A. GITHUB_TAG
B. GITHUB_REF
C. ENV_BRANCH
D. GITHUB_BRANCH

Correct Answer: B

The GITHUB_REF environment variable specifies the branch or tag that triggered the
workflow. It contains the full reference to the branch or tag, such as refs/heads/main
for a branch or refs/tags/v1.0 for a tag.

Question #41
As a developer, what is the safest way to reference an action to prevent
modification of the underlying code?
A. Use a commit hash.
B. Use a branch name.
C. Use a patch release tag.
D. Use a major release tag.

Correct Answer: A

Using acommit hashis the safest method because it references a specific point in time
in the repository's history. This ensures that the action is locked to that exact version
and will not be affected by any future changes or modifications to the codebase. Even
if the action is updated later, your workflow will continue using the specific commit
you referenced.
Question #42
How can GitHub Actions encrypted secrets be used in if: conditionals within a
workflow job?
A. Set the encrypted secret as a job-level environment variable and then reference the
environment variable within the conditional statement.
B. Create a job dependency that exposes the encrypted secret as a job output, which
can then be leveraged in a subsequent dependent job.
C. Use the secrets context within the conditional statement, e.g. $
{{ secrets.MySuperSecret }}.
D. Use a workflow command to expose the encrypted secret via a step's output
parameter and then use the step output in the job's if: conditional.

Correct Answer: C

GitHub Actions encrypted secrets can be accessed in workflows using

thesecretscontext. You can directly reference the secret within anif:conditional using$
{{ secrets.MySuperSecret }}to determine whether a job or step should run based on
the secret's value.

Question #43
What is the smallest scope for an environment variable?
A. the workflow settings
B. a step
C. a job
D. the workflow env mapping

Correct Answer: B

The smallest scope for an environment variable is within astep. Environment variables
defined within a step are only accessible to that particular step, which makes it the
smallest scope for a variable in a GitHub Actions workflow.

Question #44
What are the advantages of using a matrix strategy in a job definition? (Choose
two.)
A. It can test code in multiple versions of a programming language.
B. It can decrease the costs for running multiple combinations of programming
language/operating systems.
C. It can run up to 512 jobs per workflow run.
D. It can test code in multiple operating systems.

Correct Answer: A,D

A matrix strategy allows you to define different versions of a programming language

(or any other environment setting) and run tests on each version simultaneously. This
is particularly useful for testing code compatibility across different versions of a
language.
A matrix strategy can also be used to test code on multiple operating systems (e.g.,
Windows, macOS, Linux) by defining these operating systems as matrix variables.
This enables cross-platform testing within the same workflow.

Question #45*
GitHub-hosted runners support which capabilities? (Choose two.)
A. automatic patching of both the runner and the underlying OS
B. automatic file-system caching between workflow runs
C. support for Linux, Windows, and mac
D. support for a variety of Linux variations including CentOS, Fedora, and Debian
E. requiring a payment mechanism (e.g., credit card) to use for private repositories

Correct Answer: C,D

GitHub-hosted runners automatically handle patching, meaning they will be kept up

to date with the latest security updates and software patches for both the runner
environment and the underlying operating system.
GitHub-hosted runners support Linux, Windows, and macOS, giving you flexibility to
run workflows on different operating systems without needing to manage your own
self-hosted runners.