GitHub Copilot · 20% of the exam

Copilot for Pull Requests, Projects and Administration: free practice questions

5 sample questions from our 12-question bank for this domain — answers and explanations included. These are the same scenario-based style as the real GitHub exam.

1. An organization administrator wants to use the GitHub Copilot Metrics API to build an internal dashboard tracking weekly suggestion acceptance rates by team. Which statement correctly describes a requirement for accessing this API?

  • A. The API requires a personal access token (PAT) with the `copilot` scope issued by an individual seat holder
  • B. The API is accessible only via GitHub Actions and cannot be called from external systems
  • C. The API requires authentication with a token that has the `manage_billing:copilot` or `read:org` scope, and the organization must have Copilot Business or Enterprise✓ Correct
  • D. The API returns data in real time per-keystroke and requires a WebSocket connection
Explanation

The GitHub Copilot Metrics API (`/orgs/{org}/copilot/metrics`) requires the caller to authenticate with a token holding `manage_billing:copilot` (or at minimum `read:org` for some endpoints) and is available only to organizations on Copilot Business or Enterprise plans. Option A is incorrect — a `copilot` PAT scope does not exist; Copilot API access uses billing/org management scopes. Option B is incorrect — the API is a standard REST API accessible from any HTTP client, not restricted to GitHub Actions. Option D is incorrect — the Metrics API returns aggregated daily or summary statistics via REST (JSON over HTTPS), not real-time per-keystroke data over WebSockets.

2. An organization on GitHub Copilot Business wants to allow Copilot access for its engineering teams but completely disable the Copilot Chat feature in the IDE for all members while still allowing code completion suggestions. Where and how should the administrator make this change?

  • A. Ask every developer to manually disable Copilot Chat in their individual IDE extension settings
  • B. In Organization Settings → Copilot → Policies, toggle the 'Copilot Chat in the IDE' policy to 'Disabled' for the organization✓ Correct
  • C. Remove the `copilot-chat` permission from each user's personal access token
  • D. Uninstall the GitHub Copilot Chat extension from the organization's managed device images
Explanation

Copilot Business organization administrators can enable or disable specific Copilot features — including Copilot Chat in the IDE — via the Policies section in Organization Settings → Copilot. Setting 'Copilot Chat in the IDE' to Disabled enforces this for all members regardless of their personal settings. Option A is incorrect — relying on individual developers to self-configure does not provide enforcement and can be overridden. Option C is incorrect — PAT scopes do not control access to Copilot Chat features; Copilot access is seat-based and policy-based, not token-scope-based. Option D is incorrect — uninstalling the extension from device images is an IT endpoint management approach, not a GitHub platform policy, and would not be effective for developers who install extensions themselves.

3. A large enterprise runs all developer traffic through a corporate TLS-inspecting proxy. After deploying GitHub Copilot, developers report that Copilot suggestions are not loading and they see SSL certificate errors in their IDE logs. Which TWO actions should the IT administrator take to resolve this issue? (Select TWO)

  • A. Add the corporate proxy's root CA certificate to the IDE's or OS's trusted certificate store✓ Correct
  • B. Set the `HTTPS_PROXY` environment variable to point to the corporate proxy endpoint✓ Correct
  • C. Disable TLS verification in the Copilot extension settings by toggling `copilot.advanced.debug.overrideProxySupport`
  • D. Allowlist `*.githubcopilot.com` and `api.github.com` directly in the proxy to bypass TLS inspection for Copilot traffic
  • E. Ask all developers to switch to HTTP instead of HTTPS for Copilot endpoints
Explanation

Two correct actions: (1) Adding the corporate proxy's root CA certificate to the trusted store allows the IDE (and OS) to validate the proxy's re-signed certificates, resolving SSL errors. (2) Setting `HTTPS_PROXY` ensures Copilot's extension routes its HTTPS traffic through the corporate proxy so it can reach GitHub's endpoints. Option C is incorrect — disabling TLS verification is a security anti-pattern and not a supported or recommended Copilot configuration. Option D describes bypassing TLS inspection, which may resolve the certificate error but is a network-layer change; however, this alone does not ensure the proxy is configured for routing (both A and B together are the standard solution), and this option doesn't address the client-side configuration. Option E is incorrect — Copilot only operates over HTTPS; downgrading to HTTP is not supported and would be a serious security risk.

4. A GitHub Enterprise Cloud organization administrator is configuring Copilot for Issues. A product manager wants to use Copilot to generate a detailed issue description from a partially filled-out issue form. Which THREE statements accurately describe how Copilot for Issues works? (Select THREE)

  • A. Copilot generates the issue body based on the issue title and any existing content the user has typed✓ Correct
  • B. Copilot for Issues requires the repository to have a pre-defined issue template for Copilot to expand upon
  • C. The feature must be enabled by an organization administrator in Copilot policy settings before members can use it✓ Correct
  • D. Copilot-generated issue descriptions can be edited by the user before the issue is submitted✓ Correct
  • E. Copilot automatically creates and assigns the issue to a team member based on the content it generates
  • F. The feature is available on all GitHub plans including Free personal accounts without any administrator configuration
Explanation

Three correct statements: (A) Copilot uses the issue title and any content the user has already typed as context to generate a suggested description — it works with partial input. (C) Copilot for Issues is a feature that must be enabled by an org administrator in the Copilot policy settings; it is not on by default. (D) The generated description is a suggestion that populates the issue body field, which the user can freely edit before submitting. Option B is incorrect — a pre-defined issue template is not required; Copilot can generate content even from a blank or minimally filled form. Option E is incorrect — Copilot does not automatically create, submit, or assign issues; it only generates suggested text. Option F is incorrect — Copilot for Issues is a managed feature tied to Copilot Business/Enterprise plans and requires administrator enablement, not available freely to all GitHub accounts.

5. An organization wants to prevent GitHub Copilot from ever suggesting code derived from a proprietary internal library stored in a private repository called `acme/core-engine`. The organization wants this exclusion enforced for ALL members regardless of their individual settings. Where should the administrator configure this exclusion?

  • A. In each developer's personal Copilot settings under 'Content Exclusions'
  • B. By adding a `.copilotignore` file to the root of the `acme/core-engine` repository
  • C. In the organization's Copilot policy settings under 'Content Exclusion', specifying the repository path✓ Correct
  • D. By setting the repository visibility of `acme/core-engine` to private
Explanation

Organization-level content exclusions are configured by an organization administrator in the organization's GitHub Copilot policy settings under 'Content Exclusion'. This enforces the exclusion for all members and overrides individual user settings. Option A is incorrect — personal settings apply only to the individual user and cannot be mandated by admins for all members. Option B is incorrect — `.copilotignore` is not an official GitHub Copilot feature; content exclusion is managed through repository or organization settings, not a `.copilotignore` file. Option D is incorrect — repository visibility controls who can access the code, but does not instruct Copilot to exclude that content from suggestions.

7 more questions in this domain

Practice the full bank with instant grading, flashcards, and a timed mock exam.

Start practicing free