Configure privacy, content exclusions, and safeguards
Drill 20 practice questions focused entirely on Configure privacy, content exclusions, and safeguards for the GitHub GH-300 exam. Tap an answer for instant feedback and a full explanation — no sign-up, always free.
A developer on your team wants to prevent Copilot from using a directory of sensitive configuration files as context for suggestions. They ask you where and by whom content exclusions can be configured for your GitHub organization's repositories. Which statement accurately describes how content exclusions are set up?
A repository administrator configures a content exclusion rule in the repository settings to block Copilot from accessing a directory containing proprietary licensing logic. A developer who has never touched those files opens the repository in their IDE and begins editing an unrelated module. Which statement correctly describes how the content exclusion rule affects this developer?
A developer at a company using Copilot Business reports that when they open `config/prod-secrets.yaml`, which is covered by a repository content exclusion rule, they receive no inline code completions in that file. However, they are surprised that when they manually paste a snippet from that same file into the Copilot Chat panel and ask Copilot to explain it, they still get a response. Which statement best explains this behavior?
A platform team adds a content exclusion rule so that files under the `config/secrets/` directory are excluded from Copilot. A developer who normally works across the whole repository reports that Copilot completions have stopped appearing entirely, even in unrelated application source files. What is the MOST likely explanation for this behavior?
A developer at Contoso reports that files under a proprietary /vendor directory are still receiving Copilot code completions, even though a repository administrator recently added a content exclusion rule for that directory. When you inspect where content exclusion rules can be defined, which statement correctly describes how Copilot determines which exclusion rules apply to a given file in the IDE?
An administrator adds a new content exclusion rule in the repository settings to prevent Copilot from using files in the '/config/credentials' directory. A developer on the team reports that even after the rule was saved, Copilot still generates completions that reference those files while they have the project open in VS Code. What is the most likely reason, and what should the developer do?
A security lead configures content exclusions in the organization settings to block Copilot from using a directory named 'secrets/' that contains credential files. A developer later asks the security lead whether excluding these files also guarantees that the file names, directory structure, and paths within 'secrets/' are hidden from GitHub's servers and never referenced anywhere. What is the accurate response?
Your team configured content exclusions so that files under `/config/secrets/` are excluded from Copilot. A developer is editing `app.py` (not excluded), and the code imports and calls functions defined in `/config/secrets/keys.py`. As the developer types in `app.py`, what should they expect regarding Copilot completions?
An organization has configured content exclusions for a repository named 'payments-core' so that Copilot ignores its files inside developers' IDEs. A security lead notices that when browsing that same repository on GitHub.com and using Copilot Chat in the web interface to ask about the excluded files, the assistant still references their contents. The lead asks you to explain this behavior. What is the most accurate explanation?
A repository administrator wants to prevent GitHub Copilot from using any files in the repository's `infra/secrets/` directory as context for completions. They open the repository's Copilot content exclusion settings and need to add a path entry. Which entry correctly excludes all files under that directory, including files in nested subdirectories?
Your organization has configured content exclusions for a sensitive repository. Some developers use Visual Studio Code, while others use JetBrains IDEs and Neovim. A JetBrains developer reports that content exclusions appear to be respected in their editor, but a teammate insists content exclusions only work in VS Code. Which statement most accurately describes content exclusion support across these editors?
A platform administrator adds a new content exclusion rule in the organization settings to block Copilot from accessing a directory containing proprietary configuration files. A developer on the team immediately opens a file in that directory and reports that Copilot is still generating completions based on its contents. What is the most likely explanation the administrator should give?
A team lead on the GitHub Copilot Business plan wants to configure content exclusions so that a sensitive configuration directory is never used as context by Copilot. When they navigate to their organization settings, they discover the content exclusion configuration option is not available. What is the most likely reason?
A platform team excludes the repository directory /libs/pricing-engine/** using Copilot content exclusions. A developer working in a separate microservice repository writes code that imports and calls a public helper function whose name and signature happen to match one defined in the excluded pricing-engine directory. The developer is surprised when Copilot completions in the microservice still suggest usages referencing that function name. What is the best explanation for this behavior?
A backend developer notices that ever since the platform team added a content exclusion rule for the repository's `/config/legacy-secrets/` directory, Copilot completions in a nearby service file feel less accurate. The service file itself is not excluded, but it imports and calls helper functions defined in files under the excluded directory. The developer asks why the suggestions in the allowed file seem to have gotten worse. What is the most accurate explanation?
A developer at a financial firm reports that Copilot is still suggesting completions inside a sensitive `payment-keys.ts` file, even though an administrator recently added a content exclusion rule targeting that file in the organization's settings. The administrator confirms the YAML rule is syntactically valid and correctly scoped to the file path. What is the MOST likely reason the exclusion is not yet taking effect for this developer?
Your organization has configured Copilot content exclusions on a repository named 'payments-core' to block Copilot from using its files as context. A developer creates a personal fork of 'payments-core' into their own GitHub account and clones that fork locally. When they open files from the forked clone in their IDE, they notice Copilot provides inline completions using content from those files. They open a support ticket claiming content exclusions are broken. What is the most accurate explanation of this behavior?
A security engineer at your company wants to prevent GitHub Copilot from ever reading a file named 'secrets.env' that stores API keys. They add it to the repository's content exclusion configuration and ask you whether this now guarantees the file's contents can never appear as context in any Copilot feature. What is the most accurate response about the protection and its limitations?
A platform administrator edits the repository's content exclusion settings in the GitHub UI, adding several glob patterns to protect internal configuration directories. A few days later, developers report that files that should have been excluded are still generating inline completions. The administrator confirms the paths are correct but notices the YAML they pasted has inconsistent indentation and a missing colon on one entry. What is the most likely reason the exclusions are not taking effect?
An administrator configures a content exclusion in the repository settings to block a directory named `secrets/` from being used by Copilot. A developer on the team reports that Copilot code completions correctly stop referencing files in that directory, but they are worried that Copilot Chat can still surface content from those files through prior indexed context. What should the administrator understand about how content exclusions apply here?
More GH-300 practice
Keep going with the other GitHub Copilot domains, or take a full timed mock exam.
← Back to GH-300 overview