The security operations centre uses tooling to ___ a threat as soon as it appears.
To detect a threat means to identify malicious activity, ideally early and automatically. Detect is the precise security term, behind "threat detection" and "intrusion detection systems." See, notice, and spot are informal and passive. Analysts run "detection rules to detect threats," so detect a threat is the correct collocation for recognising hostile behaviour in systems and networks before it can cause significant damage.
2 / 5
Once an attacker is inside, responders must ___ the breach to stop it spreading.
To contain a breach means to limit its spread by isolating affected systems. Contain is the precise incident-response term, behind "containment phase" in frameworks like NIST. Hold in, keep in, and close are informal or imprecise. Responders "contain the incident" before eradicating it, so contain the breach is the correct collocation for restricting an attacker's reach while you prepare to remove them.
3 / 5
When a vulnerability is disclosed, teams must ___ the affected software quickly.
To patch software means to apply an update that fixes a security flaw. Patch is the precise term, behind "patch management" and "security patches." Fix up, mend, and repair are general and not the fixed security term. Teams track "time to patch" critical CVEs, so patch the software is the correct collocation for closing known vulnerabilities by installing vendor-supplied corrections promptly.
4 / 5
After containment, the team will ___ the underlying weakness so it cannot recur.
To remediate a vulnerability means to fully resolve the root weakness, not just suppress symptoms. Remediate is the precise security term, behind "remediation plan" and "vulnerability remediation." Cure, heal, and soothe are medical metaphors out of place here. Teams "remediate findings from a scan," so remediate the weakness is the correct collocation for permanently fixing the issue that allowed an incident to happen.
5 / 5
Regulators require companies to ___ their systems regularly for compliance.
To audit systems means to formally examine them against standards and policies. Audit is the precise term, behind "security audit" and "audit log." Check over, look through, and review up are informal or not real phrases. Organisations undergo "annual security audits," so audit the systems is the correct collocation for the structured, documented examination needed to verify controls are working and compliance requirements are met.