Practise the collocations for reporting vulnerabilities, disclosing responsibly, patching urgently, and notifying stakeholders.
1 / 5
A security researcher discovered a critical SQL injection flaw and decided to ___ vulnerability to the company through their bug bounty programme.
'Report a vulnerability' is the standard cybersecurity and bug bounty collocation for formally notifying an organisation of a security flaw. 'Inform around' and 'tell along' are informal. 'Announce out' implies public disclosure, bypassing responsible disclosure principles.
2 / 5
The researcher followed the industry-standard practice of agreeing to ___ responsibly and give the vendor 90 days to fix the issue.
'Disclose responsibly' is the standard security industry collocation for the responsible disclosure process, where researchers notify vendors before going public. 'Reveal along' and 'expose out' are informal. 'Publish around' implies uncoordinated public release.
3 / 5
Once the zero-day was confirmed, the security team had 24 hours to ___ urgently before it was exploited in the wild.
'Patch urgently' is the standard security operations collocation for applying an emergency fix to a critical vulnerability. 'Fix along' and 'repair around' are informal. 'Resolve out' is not a standard phrase in a security context.
4 / 5
After the patch was deployed, the CISO arranged an emergency call to ___ stakeholders about the vulnerability and the remediation steps taken.
'Notify stakeholders' is the standard incident and security communication collocation for formally informing relevant parties about a security event. 'Tell around' and 'warn out' are informal. 'Inform along' is non-standard.
5 / 5
The company published a CVE entry to ___ a coordinated advisory with the security community.
'Issue an advisory' is the standard security disclosure collocation for publishing an official security notice to the public or affected users. 'Release along' and 'send around' are informal. 'Publish out' is redundant.