100+ Free InsightVM Admin Practice Questions

Pass your Rapid7 Certified Administrator — InsightVM exam on the first try — instant access, no signup required.

~60-70% Pass Rate
100+ Questions
100% Free

2026 Statistics

Key Facts: InsightVM Admin Exam

  • Exam Questions: ~50 (Rapid7)
  • Exam Duration: 90 min (Rapid7)
  • Passing Score: 70% (Rapid7)
  • Exam Fee: $250 (Rapid7)
  • Certification Validity: 2 years (Rapid7)
  • Difficulty Level: Intermediate (Industry assessment)

The InsightVM Admin exam has approximately 50 questions in 90 minutes with a 70% passing threshold. Key domains: architecture and deployment, site/scan configuration, RealRisk and asset management, remediation workflows, and dashboards/reporting. Hands-on InsightVM experience is strongly recommended. Exam fee is $250. Certification is valid for 2 years.

Sample InsightVM Admin Practice Questions

Try these sample questions to test your InsightVM Admin exam readiness. Each question includes a detailed explanation. Start the interactive quiz above for the full 100+ question experience with AI tutoring.

1. In InsightVM, what is a 'Site' primarily used for?
A. A logical grouping of assets targeted for scanning with specific credentials and scan templates
B. A geographic location of the Scan Engine within the network
C. A saved report template for executive dashboards
D. A remediation project that tracks vulnerability fixes
Explanation: In InsightVM, a Site is a logical container that defines the scope of a scan. It groups target assets (IPs, hostnames, CIDR ranges) and associates them with specific credentials, scan templates, and scan engines. Sites are the fundamental unit of scan configuration.
2. Which InsightVM component is responsible for executing vulnerability scans against target assets?
A. The Security Console
B. The Scan Engine
C. The Insight Agent
D. The Remediation Workflow
Explanation: The Scan Engine is the component that performs active network scanning against target assets. It probes targets using configured scan templates and credentials, then sends results back to the Security Console for analysis and reporting. Scan Engines can be distributed across network segments.
3. What is the primary advantage of deploying the Insight Agent on endpoints versus relying solely on credentialed network scans?
A. The agent uses less CPU during scanning than network scans
B. The agent provides continuous, real-time vulnerability data even when assets are off the corporate network
C. The agent is required to scan cloud assets in AWS and Azure
D. The agent replaces the need for a Scan Engine entirely
Explanation: The Insight Agent communicates directly with the Rapid7 Insight platform regardless of network location, providing continuous assessment data for remote, mobile, or off-network assets. This ensures coverage for laptops that may never be on the corporate LAN during a scheduled scan window.
4. In InsightVM, what does the RealRisk score represent?
A. The CVSS base score directly imported from the NVD
B. A proprietary risk score combining CVSS, exploit availability, asset criticality, and age of exposure
C. The number of vulnerabilities found on an asset divided by total scanned assets
D. A compliance score based on CIS Benchmark adherence
Explanation: RealRisk is Rapid7's proprietary risk scoring model that combines the CVSS score, exploit availability in Rapid7's exploit database, whether an exploit kit targets the vulnerability, the age of the vulnerability, and the assigned asset criticality. This produces a more actionable risk score than raw CVSS alone.
5. An administrator wants to scope a scan to only test for vulnerabilities in Microsoft Windows patches without running web application checks. Which InsightVM feature allows this customization?
A. Asset Groups
B. Scan Templates
C. Remediation Projects
D. Dynamic Discovery Connections
Explanation: Scan Templates define what checks are performed during a scan — including enabled vulnerability categories, authenticated scan depth, web spider settings, and policy checks. By selecting or customizing a scan template, administrators can restrict checks to Windows patch vulnerabilities and exclude web application tests.
6. What is the function of 'Asset Groups' in InsightVM?
A. To schedule automated scan jobs at specific intervals
B. To logically organize assets for filtered reporting, dashboards, and targeted remediation
C. To define the IP ranges and credentials used in a scan
D. To configure agent communication policies for endpoint coverage
Explanation: Asset Groups allow administrators to create logical collections of assets — static (manually assigned) or dynamic (query-based filters) — that can be used to scope reports, dashboards, and remediation projects. They enable role-based segmentation so teams only see assets they own.
7. When configuring a site in InsightVM with Windows domain credentials, which authentication protocol should be used for best compatibility with modern Windows systems?
A. NTLM v1
B. SNMPv1 community string
C. SMB with Kerberos or NTLMv2
D. HTTP Basic authentication
Explanation: For Windows authenticated scanning, InsightVM supports SMB-based credentials using NTLMv2 or Kerberos. Modern Windows environments disable NTLMv1 by default, so NTLMv2 or Kerberos should be used. Proper authenticated scanning dramatically improves detection of locally installed software vulnerabilities and patch levels.
8. A security team wants to track whether IT teams are remediating vulnerabilities on time. Which InsightVM feature is specifically designed for this purpose?
A. Vulnerability Exceptions
B. Remediation Projects
C. Scan Templates
D. Policy Manager
Explanation: Remediation Projects in InsightVM allow administrators to create tracked workstreams where vulnerability findings are assigned to owners, given due dates, and monitored for progress. The project automatically updates as new scan data comes in, showing which vulnerabilities have been resolved.
9. In InsightVM dashboards, what are 'Cards' used for?
A. Defining scan engine deployment configurations
B. Displaying specific vulnerability or asset metrics in a customizable dashboard view
C. Generating PDF reports for executive distribution
D. Assigning remediation tasks to specific users
Explanation: Cards are individual visualization widgets within InsightVM dashboards. Each card displays a specific metric such as top vulnerable assets, vulnerability trend over time, assets with critical risk, or remediation progress. Multiple cards can be arranged on a dashboard to give teams a customized operational view.
10. What is the purpose of a 'Dynamic Discovery Connection' in InsightVM?
A. To automatically import and update asset inventory from cloud platforms or virtual infrastructure
B. To run scans continuously without a fixed schedule
C. To automatically apply patches discovered during vulnerability scanning
D. To replicate vulnerability data to a secondary Security Console
Explanation: Dynamic Discovery Connections integrate InsightVM with cloud environments (AWS, Azure, GCP), VMware vSphere, or DHCP to automatically discover and import new assets as they come online. This ensures asset inventory stays current without manual site configuration updates.

About the InsightVM Admin Exam

The Rapid7 Certified Administrator — InsightVM certification validates expertise in deploying and managing InsightVM (formerly Nexpose), Rapid7's enterprise vulnerability management platform. It covers the Security Console, Scan Engine, Insight Agent architecture, site and scan configuration, RealRisk scoring, asset management, remediation projects, dashboards, Policy Manager, and REST API automation.

  • Questions: 50 scored questions
  • Time Limit: 90 minutes
  • Passing Score: 70%
  • Exam Fee: $250 (Rapid7)

InsightVM Admin Exam Content Outline

  • Architecture and Deployment (~20%): Security Console, Scan Engine, Insight Agent, cloud connectivity, Dynamic Discovery, Scan Engine Pools, and database architecture
  • Sites, Scans, and Templates (~25%): Site configuration, CIDR targets, scan templates (Full Audit, Discovery, Penetration Test), credentials (Windows SMB, SSH, SNMP), scheduling, blackouts
  • Asset Management and Risk Scoring (~20%): Static and dynamic asset groups, tags, asset criticality, RealRisk scoring model, CVSS, exploit availability, malware exploitable flags
  • Vulnerability Management and Remediation (~20%): Vulnerability exceptions (false positive, accepted risk), remediation projects, SLA tracking, Jira/ServiceNow integration, Top Remediations
  • Dashboards, Reporting, and Administration (~15%): Dashboard cards, Liveboards, scheduled reports, Policy Manager, RBAC, REST API, AWS/Azure cloud integration

How to Pass the InsightVM Admin Exam

What You Need to Know

  • Passing score: 70%
  • Exam length: 50 questions
  • Time limit: 90 minutes
  • Exam fee: $250

Keys to Passing

  • Complete 500+ practice questions
  • Score 80%+ consistently before scheduling
  • Focus on highest-weighted sections
  • Use our AI tutor for tough concepts

InsightVM Admin Study Tips from Top Performers

1. Understand RealRisk scoring deeply — know how CVSS, exploit availability, asset criticality, and age of vulnerability combine
2. Know the difference between Static and Dynamic Asset Groups and when to use each
3. Be able to explain scan template selection for different use cases (Full Audit vs. Discovery vs. Penetration Test)
4. Understand credential types per system: Windows = SMB/NTLMv2, Linux = SSH, Network devices = SNMP/SSH
5. Know the Remediation Project workflow including Jira/ServiceNow integration and SLA tracking
6. Understand scan coverage concepts — what causes low coverage and how to improve it
7. Know when to use Vulnerability Exceptions vs. disabling checks in templates
8. Practice lab time in InsightVM is more valuable than reading documentation alone

Frequently Asked Questions

What is the InsightVM Admin certification exam?

The Rapid7 Certified Administrator — InsightVM validates hands-on expertise with InsightVM. It covers console and engine architecture, site and scan management, RealRisk vulnerability prioritization, remediation project workflows, dashboards, Policy Manager compliance checks, and REST API automation. The exam has ~50 questions in 90 minutes.

How many questions are on the InsightVM Admin exam?

The InsightVM Admin exam has approximately 50 questions to be completed in 90 minutes. The passing score is 70%. Questions include multiple choice and multiple select formats testing both conceptual knowledge and practical configuration scenarios.

Do I need hands-on experience to pass?

Yes — the InsightVM Admin exam tests practical administration skills. Candidates should have 6+ months of hands-on InsightVM or Nexpose experience, including configuring sites with credentials, setting up remediation projects, and interpreting RealRisk scores. Documentation study alone is not sufficient for most candidates.

What is the difference between InsightVM and Nexpose?

Nexpose is the original on-premise brand name for Rapid7's vulnerability management solution. InsightVM is the current branded product that adds cloud connectivity via the Rapid7 Insight platform, enabling Liveboards, cross-product data correlation, and cloud-powered analytics. Organizations using Nexpose are effectively using the InsightVM engine — the certification applies to both.

How long is the InsightVM Admin certification valid?

The Rapid7 Certified Administrator — InsightVM certification is valid for 2 years. After 2 years, candidates must recertify by passing the current version of the exam. Rapid7 may offer renewal paths as the product evolves.