Question

When you discover a vulnerability, what should happen next?

a) Ignore it and hope it goes away.
b) Immediately exploit it for your benefit.
c) Document and report it for remediation.
d) Share it on social media.

Answer 1

The responsible action after discovering a vulnerability is to document and confidentially report it for remediation, allowing the responsible party to address the issue and ensure security.

Step-by-step explanation:

When a vulnerability is discovered, the correct and responsible action to take is option c) Document and report it for remediation. Ignoring it, exploiting it, or sharing it on social media are all irresponsible actions that could lead to harm to individuals or organizations. Instead, documenting the vulnerability involves carefully recording the details of the issue, such as how it was discovered, its potential impact, and any steps to reproduce it. Once documented, the vulnerability should be confidentially reported to the organization or individual responsible for the system. This allows them to take steps to remediate the issue, such as patching software or changing configurations, to protect against potential exploitations.