Cybersecurity professionals use highly specific collocations. Practise the phrases used in vulnerability management and security incident response.
0 / 5 completed
1 / 5
Fill in: 'The team has 72 hours to ___ the critical vulnerability before it is exploited in the wild.'
We 'patch a vulnerability' — 'patch' is the security-industry standard collocation for applying a code fix to address a known weakness. 'Fix' is informal; 'close' is used for tickets or ports; 'seal' is metaphorical but not standard in security discourse.
2 / 5
Fill in: 'The researcher plans to ___ the finding under a 90-day responsible disclosure policy.'
We 'disclose a finding' — 'disclose' is the coordinated vulnerability disclosure standard term for making a security finding known. 'Reveal' sounds dramatic; 'publish' is used for research papers; 'report' is also correct but 'disclose' is the formal responsible-disclosure collocation.
3 / 5
Fill in: 'The new architecture was designed to ___ the attack surface as much as possible.'
We 'harden the attack surface' — 'harden' is the security collocation meaning to strengthen systems against attack, reducing exploitable entry points. 'Reduce the attack surface' is also idiomatic; 'shrink' and 'limit' are informal and less precise.
4 / 5
Fill in: 'Run OWASP Dependency-Check in the CI pipeline to automatically ___ for known CVEs in third-party libraries.'
We 'scan for CVEs' — 'scan' is the security-tooling collocation for automated inspection of code or dependencies for known vulnerabilities. 'Check for CVEs' is informal; 'search for CVEs' sounds manual; 'look for CVEs' is colloquial.
5 / 5
Fill in: 'The security team developed a remediation plan to ___ all identified risks within 30 days.'
We 'remediate risk' — 'remediate' is the formal security-and-compliance collocation for correcting or mitigating identified risks. 'Fix risk' is informal; 'resolve risk' is used in project management; 'address risk' is acceptable but 'remediate' is the precise technical-security term.