ISC2 Certified in Cybersecurity (CC) Exam Prep & Study Guide
Master the 5 domains of the ISC2 CC certification. Detailed breakdown of security principles, network security, and access controls for entry-level IT roles.
PROFESSIONAL TRAINING SERIES
Certified in
Cybersecurity
CC
ISC2 — (ISC)² Foundation Certification
5 Domains
Entry-Level Certification
Professional Training • March 2026
ISC2 CC
ISC2 CC — Course Agenda
What We'll Cover
5 Domains
125 Questions
2 Hours Exam
01
About ISC2 & the CC Certification
02
Domain 1: Security Principles
03
Domain 2: Business Continuity & Disaster Recovery
04
Domain 3: Access Controls
05
Domain 4: Network Security
06
Domain 5: Security Operations
About ISC2
The World's Leading Cybersecurity Professional Organization
Est. 1988
Over 35 Years of Excellence
600,000+
Certified Members Worldwide
160+ Countries
Global Reach
Mission
To support and grow a safe and secure cyber world
What is ISC2?
ISC2 (International Information System Security Certification Consortium) is a nonprofit organization focused on cybersecurity education and certification.
Key Certifications
CISSP
CCSP
CSSLP
CAP
CC (Certified in Cybersecurity)
ISC2 offers FREE access to the CC certification for qualifying candidates
Certified in
Cybersecurity
(CC)
Your Gateway into the Cybersecurity Profession
Entry-Level Credential
Designed for those new to cybersecurity — no prior experience required.
Globally Recognized
Accepted worldwide as proof of foundational cybersecurity knowledge.
Exam Details
100 questions | 2-hour time limit | Multiple choice | Passing score: 700/1000.
Career Pathway
First step toward CISSP and other advanced ISC2 certifications.
FREE for qualifying candidates through ISC2's 1 Million Certified in Cybersecurity initiative
DOMAIN 1 OF 5
Security Principles
Understanding the Foundation of Information Security
26% of the CC Exam
CIA Triad
Confidentiality, Integrity, Availability
Security Concepts
Authentication, Authorization, Accounting
Risk Management
Identify, Assess, Mitigate
Key topics covered in this domain
Domain 1
Core Security Principles
CIA Triad & Foundational Concepts
Confidentiality
Ensuring information is accessible only to authorized individuals
Integrity
Maintaining accuracy and completeness of data
Availability
Ensuring systems and data are accessible when needed
Authentication
Verifying identity (Who are you?)
Authorization
Granting access (What can you do?)
Accountability
Tracking actions (What did you do?)
Non-repudiation
Proof of actions (Can't deny it)
Privacy
Protecting personal data
Zero Trust
Never trust, always verify
CIA Triad is the most tested concept in Domain 1
Domain 1
Risk Management & Ethics
Governance, Risk & Compliance Fundamentals — 26% of Exam
Risk Identification
Identify threats, vulnerabilities, and assets at risk
Risk Assessment
Analyze likelihood × impact = risk level. Qualitative vs Quantitative analysis
Risk Response
4 options: Accept (tolerate), Avoid (eliminate), Transfer (insurance), Mitigate (reduce)
Risk Monitoring
Continuously track residual risks and control effectiveness
Risk Reporting
Communicate risk posture to management and stakeholders
Potential cause of harm
Weakness that can be exploited
Threat × Vulnerability × Impact
Measure to reduce risk
Risk remaining after controls applied
Security Governance
High-level management directives
Mandatory rules (ISO 27001, NIST)
Step-by-step instructions
Recommended practices (flexible)
Minimum security configurations
ISC2 Code of Ethics
Protect society, common good, public trust
Act honorably, honestly, justly, responsibly
Provide diligent service to principals
Advance and protect the profession
Mandatory for all ISC2 certified members
Compliance Frameworks
EU data protection regulation
US healthcare data protection
Payment card industry standard
Financial reporting requirements
US federal government security
Security Controls Types
Stop incidents before they happen
Identify incidents in progress
Fix issues after they occur
Discourage attacks
Alternative controls
ISC2 Code of Ethics and Risk = Threat × Vulnerability are guaranteed exam questions
DOMAIN 2 OF 5
Business Continuity, DR & Incident Response
Preparing for and Responding to Disruptions
10% of the CC Exam
Business Continuity (BC)
Maintaining operations during disruptions
Disaster Recovery (DR)
Restoring systems after an incident
Incident Response (IR)
Detecting and responding to security incidents
RTO
RPO
BCP
DRP
COOP
MTD
BIA
Domain 2
BC, DR & Incident Response
Preparing For & Recovering From Disruptions — 10% of Exam
Business Continuity Planning
A proactive plan to ensure critical business functions continue during/after a disaster
Business Impact Analysis (BIA), identifying critical assets, continuity strategies
Minimize downtime, protect revenue, maintain customer trust
MTD (Maximum Tolerable Downtime)
Maximum time a business can be offline
Disaster Recovery
A subset of BCP focused on restoring IT systems and data after a disruption
Target time to restore systems after a disaster
Maximum acceptable data loss measured in time
• Hot Site (fully operational)<br>• Warm Site (partially ready)<br>• Cold Site (empty facility)
Incident Response
Organized approach to addressing and managing security incidents
Computer Security Incident Response Team
Chain of custody, forensic preservation
RTO and RPO are frequently tested — know the difference: RTO = time to restore, RPO = data loss tolerance
DOMAIN 3 OF 5
Access Controls Concepts
Controlling Who Gets Access to What
22% of the CC Exam
Physical Controls
Locks, badges, guards, fences
Logical Controls
Passwords, MFA, ACLs, firewalls
Administrative Controls
Policies, procedures, training
DAC
MAC
RBAC
ABAC
Rule-Based
Key topics covered in this domain
DOMAIN 4 OF 5
Network Security
Protecting Data in Transit and Network Infrastructure
24% of the CC Exam
Network Threats
Network Controls
Secure Protocols
<ul style="color: #E2E8F0; font-size: 24px; font-weight: 400; line-height: 1.8; margin: 0; padding-left: 24px;"><li style="margin-bottom: 10px;">DoS & DDoS</li><li style="margin-bottom: 10px;">Man-in-the-Middle (MITM)</li><li style="margin-bottom: 10px;">Spoofing</li><li style="margin-bottom: 10px;">Sniffing</li></ul>
<ul style="color: #E2E8F0; font-size: 24px; font-weight: 400; line-height: 1.8; margin: 0; padding-left: 24px;"><li style="margin-bottom: 10px;">Firewalls</li><li style="margin-bottom: 10px;">IDS / IPS</li><li style="margin-bottom: 10px;">VPN</li><li style="margin-bottom: 10px;">DMZ</li></ul>
<ul style="color: #E2E8F0; font-size: 24px; font-weight: 400; line-height: 1.8; margin: 0; padding-left: 24px;"><li style="margin-bottom: 10px;">HTTPS & TLS</li><li style="margin-bottom: 10px;">SSH</li><li style="margin-bottom: 10px;">SFTP</li><li style="margin-bottom: 10px;">DNSSEC</li></ul>
⚡ Exam Tip: Know the OSI model layers and their associated security controls
Domain 3 — Access Controls
Managing Who Can Access What — 22% of Exam
Physical Controls
Badges, keycards, biometrics, mantraps, CCTV. Deter → Detect → Delay → Respond
Logical Controls
MFA (something you know/have/are), SSO, passwords, smart cards, tokens
Administrative Controls
Policies, training, separation of duties, least privilege principle
DAC
Owner decides access (file sharing)
MAC
System enforces labels (Top Secret/Secret/Unclassified)
RBAC
Access by job role — most common in enterprises
Rule-Based
Firewall rules, time restrictions
ABAC
Multiple attributes (user+resource+environment)
IAM
Centralized identity and access management
DAC, MAC, and RBAC are the most tested access control models — understand their key differences
DOMAIN 5 OF 5
Security Operations
Day-to-Day Security Activities and Best Practices
18% of the CC Exam
Data Security
Classification, Handling, Encryption, DLP
System Hardening
Patching, Config management, Least privilege
Security Awareness
Training, Phishing simulation, Policy compliance
Encryption
DLP
Patch Management
SIEM
Hardening
Domain 4
Network Security
Protecting Data In Transit — 24% of Exam
Network Threats
Network Defenses
Network Architecture
DoS/DDoS
flood attacks
Man-in-the-Middle
intercepts comms
Packet Sniffing
captures traffic
IP Spoofing
fake source IP
ARP Poisoning
corrupts cache
Firewall
packet/stateful/NGFW rules
IDS
detects threats
IPS
blocks threats
DMZ
buffer zone
VPN
encrypted tunnel
NAT
hides internal IPs
OSI Model
7-layer framework
TCP/IP Model
4-layer internet model
Network Segmentation
limit breach impact
Zero Trust
verify every connection
Microsegmentation
fine-grained isolation
HTTPS
TLS/SSL
SSH
IPSec
SFTP
DNS
DHCP
SNMP
Know the OSI model layers and which attacks/protocols operate at each layer
Exam Preparation
How to Prepare for the ISC2 CC Exam
Study Resources
ISC2 Official Study Guide
ISC2 Free Self-Paced Training
Official Practice Exams
Cybrary & Coursera courses
YouTube study channels
Exam Format
100 Multiple Choice Questions
2-Hour Time Limit
Passing Score: 700/1000
Computer-Based Testing (CBT)
Available at Pearson VUE centers
Online proctored option available
Study Timeline
Domain 1 & 2
Domain 3 & 4
Domain 5
Full review & Practice exams
Final prep & schedule exam
100 Questions
700/1000 Pass
2 Hours
DOMAIN 5
Security Operations
Day-to-Day Security Practices & Controls
18% of Exam
Data Security
System Hardening
Logging & Monitoring
Physical Security
Change Management
Security Awareness
Data classification levels and the principle of least privilege are heavily tested in Domain 5
Exam Domain Weights
Understanding the CC Exam Structure
Security Principles
26%
BC/DR/IR
10%
Access Controls
22%
Network Security
24%
Security Operations
18%
Total: 100 questions | 2 hours | Passing: 700/1000
Essential Terminology
Key Terms Every CC Candidate Must Know
Confidentiality
Keeping data private and accessible only to authorized users
Integrity
Ensuring data accuracy and preventing unauthorized modification
Availability
Ensuring systems are accessible when needed
Authentication
Verifying the identity of a user or system
Authorization
Granting appropriate access rights to verified users
Non-repudiation
Proof that an action or transaction occurred
Risk
The probability and impact of a threat exploiting a vulnerability
Vulnerability
A weakness that can be exploited by a threat
Threat
A potential cause of an unwanted incident
Firewall
A network device that filters traffic based on rules
Encryption
Converting data into unreadable format to protect it
MFA
Multi-Factor Authentication using multiple verification methods
Patch
Software update that fixes security vulnerabilities
VPN
Virtual Private Network for secure remote connections
SIEM
Security Information and Event Management system
Career Opportunities
Where the CC Certification Can Take You
CC — Entry Level
CCSP
CISSP
CISSP Concentrations
SOC Analyst
Monitor and analyze security events
IT Security Analyst
Assess and improve security posture
Cybersecurity Specialist
Implement security controls
Information Security Officer
Manage security programs
Network Security Administrator
Secure network infrastructure
Compliance Analyst
Ensure regulatory compliance
Average entry-level cybersecurity salary: $65,000–$85,000/year (US Market)
How to Get Certified
Step-by-Step Certification Journey
Create ISC2 Account
Register at isc2.org
Access Free Training
Complete the free self-paced course
Schedule Exam
Book through Pearson VUE
Take the Exam
100 questions, 2 hours
Receive Results
Pass with 700/1000
Maintain Certification
45 CPE credits every 3 years
Exam Fee
$199 USD (or FREE through ISC2 initiative)
Maintenance
Annual maintenance fee after certification
CPE Requirements
45 credits in 3-year cycle
Online Exam
Available via online proctoring
Retake Policy
Wait 30 days after failing
Visit isc2.org to register and access free study materials
Practice Questions
Test Your Knowledge — Sample CC Exam Questions
Which element of the CIA Triad ensures that information is accessible to authorized users when needed?
Availability
Confidentiality
Integrity
Authentication
What is the primary purpose of Multi-Factor Authentication (MFA)?
To verify identity using two or more verification methods
To encrypt data
To monitor network traffic
To block malware
Which type of access control model uses labels like "Top Secret" and "Classified"?
Mandatory Access Control (MAC)
DAC
RBAC
ABAC
What does RTO stand for in Business Continuity Planning?
Recovery Time Objective
Risk Tolerance Order
Restored Technology Option
Real-Time Output
You're Ready!
Begin Your Cybersecurity Journey
Every expert was once a beginner. Your ISC2 CC journey starts now.
Study
Access free ISC2 training at isc2.org
Practice
Take practice exams and review all 5 domains
Certify
Schedule your exam at Pearson VUE
ISC2 Certified in Cybersecurity (CC) | Professional Training | March 2026
- cybersecurity
- isc2-cc
- certification-prep
- network-security
- information-security
- cia-triad
- entry-level-career