GitHub Copilot — Question 14

What classification is used to categorize Dependabot alerts? Each correct answer presents part of the solution. (Choose three.)

Answer options

• A. GitHub Security Advisory ID (GHSA)
• B. Static Application Security Testing (SAST)
• C. Common Vulnerabilities and Exposures (CVE)
• D. Common Weakness Enumeration (CWE)
• E. Exploit Prediction Scoring System (EPSS)

Correct answer: C, D, E

Explanation

The correct answers C, D, and E are classifications that relate to the identification and assessment of security vulnerabilities. Common Vulnerabilities and Exposures (CVE) provide a reference for publicly known cybersecurity vulnerabilities, Common Weakness Enumeration (CWE) categorizes software weaknesses, and Exploit Prediction Scoring System (EPSS) helps predict the likelihood of exploitation. Options A and B do not specifically pertain to the classification of Dependabot alerts.