About the certification


The Cybersecurity Management Foundation is a certification intended for IT professionals seeking to validate their knowledge of Cybersecurity Management.

This exam covers topics such as Terms and Definitions commonly used in Cybersecurity, Cybersecurity Standards and Frameworks, the Threat Landscape, Vulnerabilities, and Attacks, Cybersecurity Risk Management (ISO/IEC 27005:2022 Information security, cybersecurity and privacy protection - Guidance on managing information security risks), Cybersecurity Frameworks (ISO/IEC 27002:2022, NIST Cybersecurity Framework, and CIS Critical Security Controls), Incident Response (SP 800-61 Rev. 2 Computer Security Incident Handling Guide), Computer Security Incident Response Team (CSIRT), Digital Forensics (ISO/IEC 27037 Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence), and SOC2.

The Cybersecurity Management Foundation certification exam is an online, closed-book, and remotely-proctored exam. It includes 40 multiple-choice questions and the passing score is 70%. You will have 60 minutes to complete the exam. Validate your knowledge of Information Security Risk Management and advance your career. Register for your online exam now!





Information Security Risk Management Foundation

Exam details


Exam code

ITC-072

Launch date

March 26, 2023

Exam description

The Cybersecurity Management Foundation exam tests the candidate knowledge of Cybersecurity Management.

Current version

v1

Exam format

Multiple choice; computer-based; closed book

Number of questions

40 questions

Passing score

70% (28 out of 40)

Exam duration

60 minutes

Level

Foundation

Languages

English and Portuguese (Brazilian)

Exam description

The exam covers topics such as Terms and Definitions commonly used in Cybersecurity, Cybersecurity Standards and Frameworks, the Threat Landscape, Vulnerabilities, and Attacks, Cybersecurity Risk Management (ISO/IEC 27005:2022 Information security, cybersecurity and privacy protection - Guidance on managing information security risks), Cybersecurity Frameworks (ISO/IEC 27002:2022, NIST Cybersecurity Framework, and CIS Critical Security Controls), Incident Response (SP 800-61 Rev. 2 Computer Security Incident Handling Guide), Computer Security Incident Response Team (CSIRT), Digital Forensics (ISO/IEC 27037 Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence), and SOC2.

RECOMMENDED HOURS OF STUDY

32 hours

Bloom's Taxonomy

Level 1 (Remembering), Level 2 (Understanding) and Level 3 (Applying)

Recommended reading

• CIS Critical Security Controls
• Computer Security Incident Response Team (CSIRT)
• ISO/IEC 27002:2022 Information security, cybersecurity and privacy protection - Information security controls
• ISO/IEC 27005:2022 Information security, cybersecurity and privacy protection - Guidance on managing information security risks
• ISO/IEC 27037:2012 Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence
• NIST Cybersecurity Framework
• NIST SP 800-61 Rev. 2 Computer Security Incident Handling Guide
• SOC2

Prerequisites

There are no prerequisites for this certification

Recommended experience

Six months of work experience in Cybersecurity Management

Validity period

Lifetime

Exam Content Outline


   Domains Weight

1. Terms and Definitions commonly used in Cybersecurity

10%

2. Threat Landscape, Vulnerabilities, and Attacks

10%

3. Cybersecurity Risk Management (ISO/IEC 27005)

15%

4. Cybersecurity Standards and Frameworks (NIST Cybersecurity Framework, CIS Critical Security Controls, ISO/IEC 27002:2022, and SOC2 Compliance)

40%

5. Incident Response (NIST Special Publication 800-61 Revision 2 and CSIRT)

15%

6. Digital Forensics

10%

   Total

100%

How to get certified


1

Browse our certification programs and choose your certification.

2

Discover the exam objectives and prepare for your exam.

3

Register for your online proctored exam.

4

Take your online proctored exam in the comfort of your home or office.

5

Congratulations! You are certified!

Stackable Certifications


Earn 5 certifications and receive an integrator certification (designation).

Information Security Controls

Cybersecurity

Computer Forensics

Ethical Hacking

CSIRT

Certified Information Security Specialist

Frequently Asked Questions


  • How much does an ITCERTS certification exam cost?

    All exams are available for $150 USD each. Prices may vary slightly by region and currency exchange rates.

  • Are there any prerequisites to take the exams?

    There are no prerequisites to take the exams. ITCERTS recommends that candidates have at least six months of work experience in the area that the certification exam covers.

  • What is the exam retake policy?

    If a candidate does not achieve a passing score on the first attempt, there is no waiting period between the first and the second attempt. If a candidate does not achieve a passing score on the second attempt, the candidate must wait at least 7 days before retaking the exam for a third time. A candidate may not take a given exam any more than three times per year (12 months).

  • How do I register for an Online Proctored Exam?

    Visit the Online Proctored Exam registration page to find complete instructions.

  • Are there any mandatory training to take an exam?

    Training is recommended as part of your certification preparation, but it is not mandatory.

  • Which languages are the exams available in?

    Our exams are currently available in English and Portuguese.

  • Where can I take the exams?

    Exams are delivered online (Online Proctored Exams) and can be taken from anywhere in the world.

  • Do the ITCERTS certifications expire?

    ITCERTS certifications are considered good-for-life and do not expire.

  • How can a potential employer verify my certifications?

    Your employer can verify your certification on our certification verification page. Your certification number will be needed in order to process the verification.

Subscribe

Subscribe


Subscribe to our newsletter