Vulnerability Assessment plus exam
This exam (VA+), developed by NCSC and IASME, is a requirement for all Cyber Essentials Plus assessors that do not have a Lead Assessor qualification.
The exam is run remotely and is split into 4 sections, all of which must be passed by obtaining 60% or more in each:
- Multiple choice paper – 1 hour
- Vulnerability Scan – 30 minutes
- Essay – 2 hours
- Viva – 15 minutes
The cost of the exam is £500 + vat per person
If you fail the multiple choice paper but pass the other elements then you will be able to re-sit just that paper.
If you fail any of the other elements of the exam then you will need to re-sit the whole exam after waiting 1 month (and pay again).
- Provide an overview of the vulnerability assessment process.
- Learn about tools used during the vulnerability assessment process.
- Understand the underlying concepts of TCP/IP, Ports and Protocols.
- Apply critical thinking to solve problems encountered during an assessment
Apply tools and techniques to assess:
- external facing interfaces.
- internal interfaces
- the threat of malware (Antimalware solutions, Application whitelisting)
- Assess the threat of common external attacks (Email, SMS etc)
- Assess the threat of common internal attacks (Web Applications, Downloads)
- Report/Explain Vulnerabilities found
- Understand Information security in the corporate world.
- Understand the laws and regulations involved with vulnerability assessing
- Understand quantifying and measuring risks associated with vulnerabilities
- Understand how to find internal and external vulnerabilities
- Understand how to test hardening measures for malware
- Report and explain vulnerabilities found throughout a project.
Book to take the exam
Please contact us to find out the next dates available to take this exam and book a place
Find Out More
Have a look at our Frequently Asked Questions or speak to our team