Microsoft · GH-200
Validates proficiency in automating workflows and accelerating development with GitHub Actions, covering workflow creation, automation, CI/CD pipeline management, and enterprise-level strategies.
Questions
310
Duration
100 minutes
Passing Score
Not publicly disclosed
Difficulty
IntermediateLast Updated
Jan 2026
Use this GH-200 practice exam to prepare for GitHub Actions (GH-200) with realistic questions, detailed explanations, and focused study modes. The practice bank includes 310 questions for Microsoft GH-200, so you can review the exam steadily instead of relying on one long cram session.
As you practice, pay extra attention to recurring topics such as Author and maintain workflows (40%), Consume workflows (20%), Author and maintain actions (25%), and Manage GitHub Actions for the enterprise (15%). Start with short sessions to identify weak areas, then move into timed quizzes once your accuracy is consistent.
The explanations are especially useful when you want to connect exam wording to the responsibilities and scenarios described in the official certification guidance. Use the free preview first, then unlock the full question bank when you are ready to build a complete study routine.
The GitHub Actions certification (GH-200) is an intermediate-level credential issued by GitHub and delivered through Microsoft's certification ecosystem via Pearson VUE. It validates expertise in automating software development workflows using GitHub Actions, covering the full lifecycle from authoring event-driven workflows and custom actions to managing automation at enterprise scale. The exam was significantly updated in January 2026, adding new objectives around security hardening, OIDC federation, artifact attestations, and YAML tooling, reflecting the platform's rapid evolution.
The certification spans five functional domains: authoring and managing workflows, consuming and troubleshooting workflows, authoring and maintaining actions, managing GitHub Actions for the enterprise, and securing and optimizing automation. Candidates are assessed on practical skills such as configuring matrix strategies, implementing reusable workflows, scoping GITHUB_TOKEN permissions, pinning third-party actions to full commit SHAs, and enforcing organization-level action usage policies. The exam emphasizes applied problem-solving over theoretical knowledge, making hands-on experience with GitHub Actions a prerequisite to success.
This certification is designed for DevOps engineers, software developers, build and release engineers, platform engineers, and technical team leads who work with GitHub Actions at an intermediate or advanced level. Suitable candidates are already comfortable reading and writing YAML workflow files, understand CI/CD concepts, and have direct experience navigating GitHub repositories, workflow run logs, and Actions configuration.
The credential is particularly valuable for professionals responsible for designing and maintaining CI/CD pipelines, scaling automation infrastructure across teams, and enforcing security and governance policies within GitHub organizations and enterprises. Solution architects who specify automation strategies and students pursuing DevOps career paths are also recognized target roles by Microsoft.
There are no formal prerequisites or mandatory prior certifications required to sit for GH-200. However, the exam is pitched at an intermediate level, and Microsoft recommends that candidates have hands-on experience automating software development workflows with GitHub Actions before attempting it. Familiarity with CI/CD principles, GitHub repositories, GitHub Packages, and integrating third-party services is expected.
Candidates should be comfortable with YAML syntax (including anchors, aliases, and merge keys), understand GitHub-hosted and self-hosted runner behavior, and have working knowledge of security concepts such as encrypted secrets, environment protections, OIDC token-based cloud federation, and the GITHUB_TOKEN lifecycle. Completing the Microsoft Learn path 'Automate your workflow with GitHub Actions' is the officially recommended preparatory resource.
The GH-200 exam is administered by Pearson VUE and allows 100 minutes to complete. It is available in English, Spanish, Portuguese (Brazil), Korean, and Japanese, with an additional 30 minutes granted if the exam is taken in a non-native language. The exam is proctored and may include interactive components in addition to standard question types; candidates can preview the interface via the official exam sandbox at GHCertDemo.starttest.com before exam day.
A score of 700 or greater (on a scale typically up to 1000) is required to pass. The exact number of questions is not publicly disclosed by Microsoft, and the exam may include unscored pilot questions. If a candidate fails, a retake is permitted after a 24-hour waiting period; subsequent retakes follow Microsoft's standard retake policy. The exam is priced based on the country or region where it is proctored, with a typical cost of approximately $99 USD.
The GH-200 certification signals specialized proficiency in GitHub Actions to employers at a time when CI/CD automation skills are a standard expectation for mid- to senior-level DevOps, platform engineering, and build engineering roles. GitHub is one of the most widely used development platforms globally, and Actions has become a dominant workflow automation tool, making this credential directly relevant to a broad range of job descriptions. Certified professionals are well-positioned for roles including DevOps Engineer, Platform Engineer, Build and Release Engineer, and Software Automation Engineer.
Salary impact varies by region and experience level, but DevOps and automation-focused engineers in the United States typically earn between $120,000 and $180,000 USD annually, with the certification serving as a differentiator during hiring and promotion discussions. According to Pearson VUE's Value of IT Certification research, 32% of certified professionals receive salary increases after earning a credential, and 79% report producing higher quality work. Compared to broader cloud certifications, GH-200 is narrowly focused on GitHub's native toolchain, making it a strong complement to cloud provider certifications (AWS, Azure, GCP) rather than a replacement — candidates with both categories of credentials demonstrate end-to-end CI/CD and deployment pipeline expertise.
5 sample questions with answers and explanations. Start a practice session to test yourself across all 310 questions.
Preview — answers shown1. DefinitionPro Solutions is creating their first custom GitHub Action and needs to properly structure the action configuration file. The development team must ensure their action.yml file contains all required elements for proper functionality. Which keywords are mandatory for a valid action.yml file?
Explanation
The mandatory keywords for a valid action.yml file are name, runs, and description. The name field provides a human-readable identifier for the action, description explains what the action does, and runs specifies how the action executes including the execution environment and entry point. These three elements form the minimum required configuration for GitHub to recognize and execute a custom action. Additional optional fields like inputs, outputs, author, and branding can enhance the action but are not required for basic functionality.
2. AdvancedAutomation Solutions wants to implement complex GitHub repository management workflows that combine multiple GitHub Script operations with external file processing and conditional logic. What approach enables sophisticated automation workflows with GitHub Script?
Explanation
Sophisticated automation workflows combine GitHub Script with actions/checkout for repository access, Node.js modules for enhanced functionality, and conditional workflow steps for logic control. This approach enables reading template files, processing repository content, making API calls based on complex conditions, and organizing automation into maintainable workflow steps. The combination of GitHub Script's API access, Node.js capabilities, and workflow conditional logic creates powerful automation that can handle complex repository management scenarios while maintaining the simplicity of workflow-based automation.
3. ComplianceTracking Industries operates in a regulated environment where they must maintain detailed records of all software deployments, including what was deployed, when, by whom, and to which environments. They need comprehensive deployment tracking for audit purposes. How should they implement deployment tracking and compliance logging?
Explanation
Implementing comprehensive workflow logging with external compliance systems integration provides the detailed audit trail required for regulated environments. Workflows should log deployment details including artifacts deployed, target environments, approval workflows, test results, and deployment outcomes to external compliance systems. Integration with enterprise audit systems ensures long-term retention and regulatory compliance. Deployment workflows should capture metadata about deployments, including change requests, approval chains, and rollback procedures. This comprehensive approach supports regulatory audits, incident investigations, and compliance reporting requirements that go beyond standard GitHub audit capabilities.
4. ReusableSteps Industries has multiple workflows with identical patterns for code checkout, Node.js setup, and dependency installation. They want to eliminate duplication while maintaining flexibility for different Node.js versions. What composite action structure provides optimal reusability?
Explanation
Parameterized composite actions with inputs provide optimal reusability by accepting configuration parameters like Node.js versions while maintaining standardized step sequences. The action.yml file defines inputs (e.g., node-version) that workflows can specify when calling the action. Internal steps use these inputs with ${{ inputs.node-version }} syntax to customize behavior. This approach eliminates workflow duplication while providing flexibility for different use cases, enabling teams to maintain standard automation patterns with customizable parameters for specific requirements.
5. UserManagement Corporation is implementing GitHub Enterprise and needs to understand different user management approaches for their organization. They require centralized control over user accounts and authentication. What is the Enterprise Managed Users (EMU) model?
Explanation
Enterprise Managed Users (EMU) is a user management model where user accounts are fully controlled by the enterprise through centralized identity providers. In EMU, authentication is handled via corporate SAML/SCIM providers, administrators control user lifecycles including creation and deactivation, usernames and email addresses are enterprise-managed, and managed users can only participate in their assigned enterprise without independent GitHub activity. This model provides maximum control and compliance for organizations requiring strict governance over user access and authentication methods.
Microsoft Dynamics 365 Supply Chain Management Functional Consultant Expert (MB-335)
MB-335 · 2039 questions
Microsoft Dynamics 365 Business Central Functional Consultant (MB-800)
MB-800 · 1899 questions
Microsoft Certified: Azure AI Engineer Associate (AI-102)
AI-102 · 1392 questions
Microsoft Certified: Windows Server Hybrid Administrator Associate (AZ-801)
AZ-801 · 1376 questions
Microsoft Dynamics 365 Finance Functional Consultant (MB-310)
MB-310 · 1299 questions
Microsoft 365 Certified: Fundamentals (MS-900)
MS-900 · 1201 questions
$17.99
One-time access to this exam