Certified in Cybersecurity (CC)

ISC2 developed the Certified in Cybersecurity (CC) credential for newcomers to the field, to recognize the growing trend of people entering the cybersecurity workforce without direct IT experience. Getting Certified in Cybersecurity provides employers with the confidence that you have a solid grasp of the right technical concepts, and a demonstrated aptitude to learn on the job. As an ISC2 certification, those who hold the CC are backed by the world’s largest network of certified cybersecurity professionals helping them continue their professional development and earn new achievements and qualifications throughout their career.


Once you have completed this course, you’ll be able to:

  • Discuss the foundational concepts of cybersecurity principles.
  • Recognize foundational security concepts of information assurance.
  • Define risk management terminology and summarize the process.
  • Relate risk management to personal or professional practices.
  • Practice the terminology and review concepts of business continuity, disaster recovery and incident response.

There are no specific prerequisites to take the exam. It is recommended that candidates have basic information technology (IT) knowledge.  No work experience in cybersecurity or any formal educational diploma/degree is required. The next step in the candidate’s career would drive to earning ISC2 expert-level certifications, which require experience in the field.

  • Problem solvers
  • Creative
  • Analytical and critical thinkers
  • Excited by the opportunity to learn
1.1 - Understand the security concepts of information assurance
1.2 - Understand the risk management process
1.3 - Understand security controls
1.4 - Understand ISC2 Code of Ethics
1.5 - Understand governance processes
2.1 - Understand business continuity (BC)
2.2 - Understand disaster recovery (DR)
2.3 - Understand incident response
3.1 - Understand physical access controls
3.2 - Understand logical access controls
4.1 - Understand computer networking
4.2 - Understand network threats and attacks
4.3 - Understand network security infrastructure
5.1 - Understand data security
5.2 - Understand system hardening
5.3 - Understand best practice security policies
5.4 - Understand security awareness training
Length of exam 2 hours
Number of questions 100 questions
Question format Multiple choice questions
Passing grade 700 out of 1000 points
Exam availability English, Chinese, Japanese, Korean, German, Spanish
Testing center At the Pearson VUE test center