ISC2 CC
ISC2 Certified in Cybersecurity (CC)
The ISC2 Certified in Cybersecurity (CC) is an entry-level certification designed for career changers, students, and IT professionals entering cybersecurity. It covers foundational security principles, incident response basics, access control concepts, network security fundamentals, and security operations. ISC2 provides free online self-paced training for CC, and passing it creates an associate-level ISC2 membership on the path toward CISSP.
ISC2 CC Exam Overview
| Detail | Information |
|---|---|
| Full Name | ISC2 Certified in Cybersecurity (CC) |
| Governing Body | ISC2 |
| Number of Questions | 100 |
| Time Limit | 3 hours |
| Passing Score | 700/1000 |
| Exam Fee | $199 USD |
| Category | IT Certifications |
| C3RT App Available On | iPhone, iPad, and Mac |
| Official Source | ISC2 official website ↗ |
ISC2 CC Content Areas and Domains
| Domain / Content Area | Exam Weight |
|---|---|
| Security Principles | 26% |
| Business Continuity, Disaster Recovery and Incident Response | 10% |
| Access Control Concepts | 22% |
| Network Security | 24% |
| Security Operations | 18% |
Domain weights are approximate and based on the ISC2 content outline. Always verify at the official source before your exam.
Topics Covered
- ✓ Security Principles — CIA triad, security concepts, risk management basics, ethics
- ✓ Business Continuity, Disaster Recovery & Incident Response — BCP/DRP fundamentals, incident response lifecycle
- ✓ Access Controls Concepts — authentication types, authorization models (DAC, MAC, RBAC), least privilege
- ✓ Network Security — OSI model review, network protocols, firewalls, VPNs, wireless security basics
- ✓ Security Operations — data handling, system hardening, patch management, physical security
How C3RT Helps You Pass the ISC2 CC
Adaptive Practice
Questions adapt to your weak areas automatically so every study session on the ISC2 CC is time well spent.
Diagnostic Mocks
Full-length mock exams timed to the real ISC2 CC format with detailed score breakdowns by topic.
Mistake Bank
Every wrong answer is saved for targeted re-drill. The system resurfaces your mistakes until they stick.
Native on iOS & Mac
Built with SwiftUI, not a web wrapper. Instant load, offline support, hardware-speed rendering.
ISC2 CC Frequently Asked Questions
What does ISC2 CC stand for?
ISC2 CC stands for ISC2 Certified in Cybersecurity (CC). It is administered by ISC2.
Who administers the ISC2 CC?
The ISC2 Certified in Cybersecurity (CC) (ISC2 CC) is administered by ISC2. For official information, visit the ISC2 website.
How many questions is the ISC2 CC?
The ISC2 CC consists of 100 questions. Candidates are given 3 hours to complete the exam.
What is the passing score for the ISC2 CC?
The passing score for the ISC2 CC is 700/1000, as set by ISC2. Scoring methodology and passing standards may be updated periodically. Always verify current requirements with the governing body.
How much does the ISC2 CC exam cost?
The ISC2 CC exam fee is $199 USD. This fee is set by ISC2 and may vary by testing centre, region, or membership status. Additional fees for registration or rescheduling may apply.
Is the ISC2 CC actually free?
The exam fee is $199 USD, but ISC2 provides free self-paced online training covering all CC domains through their ISC2 candidate portal. The training alone ($199 value per ISC2's estimate) is free. The exam costs $199, but ISC2 has run periodic promotional periods where it was offered at no cost. Check isc2.org for current pricing and free training access.
How does CC compare to CompTIA Security+?
Both are entry-level cybersecurity certifications, but Security+ is more widely recognized by employers and meets DoD 8570 requirements. CC is from ISC2 (the CISSP organization), making it a credible credential, but Security+ has significantly more employer recognition in job postings. CC is valuable as a stepping stone toward CISSP and is a good complement to Security+ for career changers.
Does CC lead to CISSP?
Yes — earning CC creates an associate-level ISC2 membership. You can then work toward CISSP experience requirements (5 years in 2 of 8 CISSP domains) while using CC to demonstrate foundational cybersecurity knowledge. ISC2 positions CC as the first step in their certification pathway: CC → SSCP → CISSP.
What is the CIA triad and how does it relate to CC?
The CIA triad — Confidentiality, Integrity, and Availability — is the foundational framework for information security that underpins all security concepts in the CC exam. Confidentiality prevents unauthorized disclosure, Integrity ensures data accuracy and trustworthiness, and Availability ensures systems and data are accessible when needed. Every security control, risk, and decision in CC can be analyzed through the CIA triad.
How difficult is the ISC2 CC exam (Certified in Cybersecurity)?
The ISC2 CC is designed as an entry-level security credential and is considered low to moderate in difficulty. It covers foundational security concepts, access controls, network security basics, and incident response at a general knowledge level. Most candidates with basic IT familiarity and 4–6 weeks of study pass on the first attempt.
What are the eligibility requirements for the ISC2 CC?
There are no work experience or education requirements for the ISC2 CC. It is explicitly designed as an accessible entry-point credential for individuals with no prior security experience — students, career changers, and IT professionals transitioning into cybersecurity.
How long should I study for the ISC2 CC?
Most candidates need 4–8 weeks of study using ISC2's free self-paced CC course (available through their website), supplemented by practice exams. ISC2 made the CC exam free for a period to help grow the global cybersecurity workforce, significantly lowering the barrier to entry.
What career value does the ISC2 CC provide?
The CC signals foundational security knowledge backed by the ISC2 brand and is useful for entry-level help desk, IT support, and junior security roles. It is not a substitute for Security+ in most hiring contexts but demonstrates commitment to a cybersecurity career path. The credential is best viewed as a stepping stone toward SSCP or CISSP.
What is the ISC2 CC retake policy?
After a first failure, a 30-day wait applies. After a second failure, 60 days. After a third failure, 90 days. A maximum of three attempts per year is permitted, consistent with other ISC2 credentials.
How long is the ISC2 CC credential valid?
The ISC2 CC is valid for three years. Renewal requires 45 CPE credits over the three-year cycle and payment of the ISC2 Annual Maintenance Fee.
What continuing education is required for ISC2 CC renewal?
Renewal requires 45 CPE credits over three years plus the Annual Maintenance Fee. ISC2 offers a wide range of free and affordable training resources relevant to CC-level content for maintaining the credential.
How does the ISC2 CC compare to CompTIA Security+ for entry-level cybersecurity?
Both are entry-level security credentials, but CompTIA Security+ is more widely required by employers, especially for government and DoD roles (where it is DoD 8570-approved). ISC2 CC carries the ISC2 brand name and can be an excellent resume addition, particularly if you aspire to CISSP eventually. Security+ is generally the stronger hiring signal for most job postings. The CC is excellent as a first credential or alongside Security+ for career changers.
C3RT is a native iOS and macOS exam preparation platform covering the ISC2 Certified in Cybersecurity (CC) (ISC2 CC), a IT Certifications certification, administered by ISC2. C3RT is not affiliated with or endorsed by ISC2. Certification names and trademarks are the property of their respective organisations. For official exam registration, eligibility requirements, and content outlines, visit the ISC2 official website ↗ .