ISC² Certified in Cybersecurity (CC)

ISC² Certified in Cybersecurity (CC)

ISC² Certified in Cybersecurity (CC)

ISC² Certified in Cybersecurity (CC)

Number of Domains: 5
Current Progress: 5 out of 5 pts (100%)

The ISC² Certified in Cybersecurity (CC) credential validates foundational cybersecurity knowledge for professionals entering the field. It demonstrates understanding of core security concepts, basic network and system protections, incident response awareness, and access control fundamentals — all backed by ISC²’s global professional community.

Examination Weights (Domains)

  • Domain 1 — Security Principles: 26%
  • Domain 2 — BC/DR & Incident Response Concepts: 10%
  • Domain 3 — Access Controls Concepts: 22%
  • Domain 4 — Network Security: 24%
  • Domain 5 — Security Operations: 18%

Domains (Coverage & Key Topics)

Domain 1 — Security Principles

  • CIA Triad: Confidentiality, Integrity, Availability
  • Authentication, MFA, non-repudiation, privacy
  • Risk management: identification, assessment, treatment
  • Security controls: technical, administrative, physical
  • ISC² Code of Ethics, policies, procedures, standards, and laws

Domain 2 — Business Continuity, Disaster Recovery & Incident Response

  • Purpose and components of Business Continuity (BC) and Disaster Recovery (DR)
  • Incident response fundamentals: roles, phases, purpose

Domain 3 — Access Controls Concepts

  • Physical access controls (CCTV, guards, alarms)
  • Logical access controls: least privilege, segregation of duties
  • Models: DAC, MAC, RBAC

Domain 4 — Network Security

  • Networking basics: OSI/TCP-IP, IPv4/IPv6, Wi-Fi, ports, services
  • Network threats & detection: IDS/NIDS, HIDS
  • Prevention tools: antivirus, IPS, firewalls
  • Network design & infrastructure: segmentation (VLAN/DMZ), VPN, NAC, cloud considerations

Domain 5 — Security Operations

  • Data security: encryption, handling, retention, labeling
  • Logging, monitoring, and event handling
  • System hardening & configuration management (baselines, patching)
  • Security policies: password, BYOD, AUP, change management, privacy
  • Security awareness training fundamentals

Value of the Certification

The ISC² CC certification complements practical MCSI training by validating essential theory and establishing a baseline of cybersecurity knowledge employers expect from entry-level hires. It pairs strongly with the hands-on work in MSAF and MOIS, demonstrating both conceptual understanding and applied technical skills.