We currently use "remediation" in the guide to mean both fix and mitigate.
For example, see section 4.4 Remediation
But other sources use remediation to mean something disjoint from mitigation.
The first question to address is whether we are the outlier or not.
The second question is to suggest how the guide can identify, define, and consistently use terms representing:
(1) "fix", "patch" (noun) - a complete elimination of the vulnerability
(2) "mitigation", "partial fix", "workaround" (noun) - a reduction in risk (either impact OR probability) posed by the vulnerability that does not meet the criteria for (1)
(3) "remediation" (noun) - an umbrella term for the set of both (1) and (2): any action taken in response to the existence of a vulnerability that decreases associated risk (possibly to zero)
(4) "vulnerability response" (noun) - an umbrella term for things that one does in response to the existence of a vulnerability, regardless of whether it affects the associated risk or not
The list above reflects current usage in the guide, but depending on whether we use "remediation" to mean (1) or (3), any of these may need to change.
References to the "remediation = fix (only)" usage include:
This issue is closely related to SSVC#46