What is SECURITY.md?

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

What is SECURITY.md?

Explanation:
SECURITY.md is the repository’s security policy: the primary place that explains how to report vulnerabilities, who to contact, and what response process and timelines the project follows. It helps ensure responsible disclosure and clarifies how the project handles security issues, often including what counts as a security issue and what to expect after you report one. It should be located at the repository root so it’s easy to find and, on GitHub, is surfaced through the Security tab. It isn’t a license file, a changelog, or a CI configuration file.

