SQL Injection ALERT! *Red lights flashing!*
Dim strSQL As String = "SELECT IDNum FROM ProgDB WHERE IDNum = @myParam"
sqlCMD.CommandText = strSQL
cmd.Parameters.AddWithValue("@myParam", iDNum)
This replaces @myParam with the value of iDNum. SQL takes care of the rest. So if @myParam is a varchar and your user would have typed "D'Artagnan" your query would have failed in your example (try pasting that exact string with D'Artagnan in SQL, won't work because the ' breaks your command). However, by using parameters everything goes well. As a bonus your queries are cached an can be re-used boosting performance! And your code looks cleaner since there is no weird string concatenation.
It's a win win win win situation...
Sony was down for days because of SQL Injection, it cost them millions, don't make that same mistake!
Learn from little Bobby Tables[
^] :)
P.S. Coming to think of it, in this example I am not quite sure if you should say '@myParam' with or without the quotes, but using parameters is definitly the way to go!