A vulnerability is a weakness of software, hardware, or online service that can be exploited by a threat. An exploitation of vulnerabilities results in a disruption of the confidentiality, integrity, or availability of the ICT system or related information assets, which may cause a breach of data privacy, interruption of operation of mission critical systems, and so on. The main objective of a vulnerability management process is to reduce risks resulting from exploitation of published technical vulnerabilities.
The vulnerability management process should be implemented in an effective, systematic, and repeatable way with measurements taken to confirm its effectiveness. The Vulnerability Management Foundation is a certification intended for IT professionals seeking to validate their knowledge of Vulnerability Management in acccordance with the ISO/IEC 27001 and ISO/IEC 27002 standards.
The Vulnerability Management Foundation certification exam is an online, closed-book, and remotely-proctored exam. It includes 40 multiple-choice questions and the passing score is 70%. Candidates will have 60 minutes to complete the exam. Validate your knowledge of Vulnerability Management and advance your career in Information Security. Purchase your exam voucher now!
Exam code |
ITC-015 |
Launch date |
March 30, 2017 |
Exam description |
The Vulnerability Management Foudation exam tests the candidate's knowledge in Vulnerability Management in accordance with the ISO/IEC 27001 and ISO/IEC 27002 standards. |
Current version |
v1 |
Exam format |
Multiple choice; computer-based; closed book |
Number of questions |
40 questions |
Passing score |
70% (28 out of 40) |
Exam duration |
60 minutes |
Level |
Foundation |
Languages |
English |
Exam description |
Vulnerability Management Process |
RECOMMENDED HOURS OF STUDY |
16 hours |
Bloom's Taxonomy |
Level 1 (Remembering), Level 2 (Understanding) and Level 3 (Applying) |
Recommended reading |
• ISO/IEC 27001:2022 Information security, cybersecurity and privacy protection - Information security management systems - Requirements |
Prerequisites |
There are no prerequisites for this certification |
Recommended experience |
Six months of work experience in Information Security |
Validity period |
Lifetime |
Browse our certification programs and choose your certification.
Discover the exam objectives and prepare for your exam.
Register for your online proctored exam.
Take your online proctored exam in the comfort of your home or office.
Congratulations! You are certified!
All exams are available for $150 USD each. Prices may vary slightly by region and currency exchange rates.
There are no prerequisites to take the exams. ITCERTS recommends that candidates have at least six months of work experience in the area that the certification exam covers.
If a candidate does not achieve a passing score on the first attempt, there is no waiting period between the first and the second attempt. If a candidate does not achieve a passing score on the second attempt, the candidate must wait at least 7 days before retaking the exam for a third time. A candidate may not take a given exam any more than three times per year (12 months).
Visit the Online Proctored Exam registration page to find complete instructions.
Training is recommended as part of your certification preparation, but it is not mandatory.
Our exams are currently available in English and Portuguese.
Exams are delivered online (Online Proctored Exams) and can be taken from anywhere in the world.
ITCERTS certifications are considered good-for-life and do not expire.
Your employer can verify your certification on our certification verification page. Your certification number will be needed in order to process the verification.
Subscribe to our newsletter