ISC2 CC Exam Syllabus

Use this quick start guide to collect all the information about the ISC2 CC Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the CC ISC2 Certified in Cybersecurity exam. The Sample Questions will help you identify the type and difficulty level of the questions, and the Practice Exams will make you familiar with the format and environment of the exam. You should refer to this guide carefully before attempting your actual ISC2 CC certification exam.

The ISC2 CC certification is mainly targeted at candidates who want to build their career in the cybersecurity domain. The ISC2 Certified in Cybersecurity (CC) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of ISC2 CC.

ISC2 CC Exam Summary:

Exam Name: ISC2 Certified in Cybersecurity (CC)
Exam Code: CC
Exam Price: $199 (USD)
Duration: 120 mins
Number of Questions: 100
Passing Score: 700 / 1000
Books / Training: Certified in Cybersecurity (Online Instructor-Led); Certified in Cybersecurity (Online Self-Paced)
Schedule Exam: Pearson VUE
Sample Questions: ISC2 CC Sample Questions
Practice Exam: ISC2 CC Certification Practice Exam

ISC2 CC Exam Syllabus Topics:

Topic Details

Security Principles - 26%

Understand the security concepts of information assurance
- Confidentiality
- Integrity
- Availability
- Authentication (e.g., methods of authentication, multi-factor authentication (MFA))
- Non-repudiation
- Privacy

Understand the risk management process
- Risk management (e.g., risk priorities, risk tolerance)
- Risk identification, assessment and treatment

Understand security controls
- Technical controls
- Administrative controls
- Physical controls

Understand (ISC)² Code of Ethics
- Professional code of conduct

Understand governance processes
- Policies
- Procedures
- Standards
- Regulations and laws

Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts - 10%

Understand business continuity (BC)
- Purpose
- Importance
- Components

Understand disaster recovery (DR)
- Purpose
- Importance
- Components

Understand incident response
- Purpose
- Importance
- Components

Access Controls Concepts - 22%

Understand physical access controls
- Physical security controls (e.g., badge systems, gate entry, environmental design)
- Monitoring (e.g., security guards, closed-circuit television (CCTV), alarm systems, logs)
- Authorized versus unauthorized personnel

Understand logical access controls
- Principle of least privilege
- Segregation of duties
- Discretionary access control (DAC)
- Mandatory access control (MAC)
- Role-based access control (RBAC)

Network Security - 24%

Understand computer networking
- Networks (e.g., Open Systems Interconnection (OSI) model, Transmission Control Protocol/Internet Protocol (TCP/IP) model, Internet Protocol version 4 (IPv4), Internet Protocol version 6 (IPv6), WiFi)
- Ports
- Applications

Understand network threats and attacks
- Types of threats (e.g., distributed denial-of-service (DDoS), virus, worm, Trojan, man-in-the-middle (MITM), side-channel)
- Identification (e.g., intrusion detection system (IDS), host-based intrusion detection system (HIDS), network intrusion detection system (NIDS))
- Prevention (e.g., antivirus, scans, firewalls, intrusion prevention system (IPS))

Understand network security infrastructure
- On-premises (e.g., power, data center/closets, Heating, Ventilation, and Air Conditioning (HVAC), environmental, fire suppression, redundancy, memorandum of understanding (MOU)/memorandum of agreement (MOA))
- Design (e.g., network segmentation (demilitarized zone (DMZ), virtual local area network (VLAN), virtual private network (VPN), micro-segmentation), defense in depth, Network Access Control (NAC) (segmentation for embedded systems, Internet of Things (IoT)))
- Cloud (e.g., service-level agreement (SLA), managed service provider (MSP), Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS), hybrid)

Security Operations - 18%

Understand data security
- Encryption (e.g., symmetric, asymmetric, hashing)
- Data handling (e.g., destruction, retention, classification, labeling)
- Logging and monitoring security events

Understand system hardening
- Configuration management (e.g., baselines, updates, patches)

Understand best practice security policies
- Data handling policy
- Password policy
- Acceptable Use Policy (AUP)
- Bring your own device (BYOD) policy
- Change management policy (e.g., documentation, approval, rollback)
- Privacy policy

Understand security awareness training
- Purpose/concepts (e.g., social engineering, password protection)
- Importance

To ensure success in the ISC2 CC certification exam, we recommend an authorized training course, a practice test and hands-on experience to prepare for the ISC2 Certified in Cybersecurity (CC) exam.
