About the certification
The ISO/IEC 27032 provides guidance for addressing common Internet security threats such as social engineering attacks, zero-day attacks, privacy breaches, hacking, and the proliferation of malicious software (malware), spyware, and other potentially unwanted programs. It also outlines controls for managing Internet security risks, including those for preventing, detecting, monitoring, and responding to attacks.
The ISO/IEC 27032 Lead Cybersecurity Implementer certification is intended for individuals seeking to validate their foundational knowledge of cybersecurity in accordance with ISO/IEC 27032 standard.
This exam covers topics such as Scope of the ISO/IEC 27032:2023, Normative references, Terms and definitions, Relationship between Internet security, web security, network security and cybersecurity, Internet security risk assessment and treatment (Threats, Vulnerabilities, and Attack vectors), Security guidelines for the Internet, and Controls for Internet security.
The Cybersecurity (ISO/IEC 27032) Foundation certification exam is an online, closed-book, remotely-proctored exam. It includes 40 multiple-choice questions and the passing score is 70%. Candidates will have 60 minutes to complete the exam.
Validate your knowledge of cybersecurity and advance your career.
Purchase your exam voucher now!
Exam details
|
Exam code |
ITC-185 |
|
Launch date |
February 27, 2016 |
|
Exam description |
The Cybersecurity (ISO/IEC 27032) Foundation exam validates a candidate’s foundational knowledge of cybersecurity in accordance with the ISO/IEC 27032:2023 standard. |
|
Current version |
v3 (July 25, 2025) |
|
Exam format |
Multiple choice; computer-based; closed book |
|
Number of questions |
40 questions |
|
Passing score |
70% (28 out of 40) |
|
Exam duration |
60 minutes |
|
Level |
Foundation |
|
Languages |
English and Portuguese |
|
Exam description |
Cybersecurity concepts, most common types of cybersecurity attacks (Spoofing, IP Address spoofing, ARP spoofing, DNS spoofing, email spoofing, port scanning, Denial of Service Attack, Distributed Denial of Service Attack, network sniffing, Man-in-the-middle attack, session hijacking attack, Cross-side scripting attack, SQL injection attack, buffer overflow attack, brute force attack) threats, vulnerabilities, types of malware (viruses, worms, trojans, rootkits, backdoors, ransomware, adware, spyware, botnets), phishing, pharming, spam, scams, frauds, identity theft, social engineering, network security, encryption, cryptography, digital certificates, privacy, anti-malware tools and wireless security.) |
|
RECOMMENDED HOURS OF STUDY |
32 hours |
|
Bloom's Taxonomy |
Level 1 (Remembering), Level 2 (Understanding) and Level 3 (Applying) |
|
RECOMMENDED READING |
ISO/IEC 27032:2023 Cybersecurity — Guidelines for Internet security |
|
Prerequisites |
There are no prerequisites for this certification |
|
Recommended experience |
Six months of work experience in Cybersecurity |
|
Validity period |
Lifetime |
Exam Content Outline
| Domains | Weight |
|---|---|
|
1. Scope of the ISO/IEC 27032 |
5% |
|
2. Terms and definitions |
20% |
|
3. Cyber-attacks |
20% |
|
4. Malwares |
20% |
|
5. Cybersecurity Threats |
20% |
|
6. Network security |
15% |
Total | 100% |
How to get certified
Browse our certification programs and choose your certification.
Discover the exam objectives and prepare for your exam.
Register for your online proctored exam.
Take your online proctored exam in the comfort of your home or office.
Congratulations! You are certified!
STACKABLE CERTIFICATIONS
Earn 4 certifications and receive an integrator certification (designation).
Frequently Asked Questions
-
After purchasing an exam voucher, how much time do I have to take the exam?
After purchasing an exam voucher, candidates will have 180 days to take the exam.
-
Does the exam voucher include a retake?
The exam voucher includes 2 retakes in case the candidate fails the first attempt.
-
Are there any prerequisites to take the exams?
There are no prerequisites to take the exams. ITCERTS recommends that candidates have at least six months of work experience in the area that the certification exam covers.
-
What is the exam retake policy?
If a candidate does not achieve a passing score on the first attempt, there is no waiting period between the first and the second attempt. If a candidate does not achieve a passing score on the second attempt, the candidate must wait at least 7 days before retaking the exam for a third time. A candidate may not take a given exam any more than three times per year (12 months).
-
How do I register for an Online Proctored Exam?
Visit the Online Proctored Exam registration page to find complete instructions.
-
Are there any mandatory training to take an exam?
Training is recommended as part of your certification preparation, but it is not mandatory.
-
Which languages are the exams available in?
Our exams are currently available in English and Portuguese.
-
Where can I take the exams?
Exams are delivered online (Online Proctored Exams) and can be taken from anywhere in the world.
-
Do the ITCERTS certifications expire?
ITCERTS certifications are considered good-for-life and do not expire.
-
How can a potential employer verify my certifications?
Your employer can verify your certification on our certification verification page. Your certification number will be needed in order to process the verification.
Subscribe
Subscribe
Subscribe to our newsletter