ISC2 CC Guide: Certified in Cybersecurity

ISC2 CC exam guide covering security fundamentals, identity, risk, and response decisions.

This Certified in Cybersecurity guide helps CC candidates focus on what the exam tests, where close answers usually split, and which review page to use next.

Use the study plan to sharpen risk, control, and incident-response decisions, the cheat sheet for last-mile review, the sample questions for decision practice, the FAQ for scope checks, the resources page for ISC2 exam references, and the glossary when control names blur together.

At a glance

Item	Guide value
Vendor	ISC2
Exam or credential	Certified in Cybersecurity
Code or shorthand	CC
Study level	Entry cybersecurity
IT Mastery page	CC exam page
Guide shape	Start-here page, study plan, cheat sheet, FAQ, resources, and glossary.

Scope map

Lane	What to master	Common weak answer
Security principles and governance	Understand confidentiality, integrity, availability, risk, policy, ethics, and compliance basics.	Choosing a tool when the question asks for policy, risk, or governance.
Access control and identity	Use authentication, authorization, accountability, least privilege, MFA, and lifecycle management.	Confusing authentication with authorization.
Network and system security	Recognize network controls, secure configuration, endpoint protection, monitoring, and hardening.	Assuming one firewall control solves identity or data risk.
Incident response and operations	Follow detection, reporting, containment, recovery, communication, and lessons learned.	Skipping evidence, chain of custody, or escalation.
Security awareness and resilience	Use training, backup, recovery, business continuity, and safe user behavior.	Treating users only as weakness rather than part of control design.

How to use this guide

Start with the study plan if you need a short path through the exam scope.
Use the cheat sheet before a mixed practice set and again when you want a fast control review.
Check the FAQ when you are deciding whether this exam is the right IT Mastery lane.
Use the resources page for official references and current exam details.
Use the glossary when two services, controls, roles, or terms feel interchangeable.

Exam decision habit

ISC2 entry and practitioner questions reward risk-first thinking: asset, threat, control objective, evidence, and business impact.

Source status

Use the current ISC2 exam page for live exam details, including name, status, pricing, duration, delivery method, languages, retirement or beta changes, and domain weights where applicable.

In this section

ISC2 CC Cheat Sheet: Core Controls and Risk Basics
ISC2 CC cheat sheet for core controls, risk basics, traps, and final review.
ISC2 CC Study Plan: 30, 60, and 90 Days
ISC2 CC 30-, 60-, and 90-day study plan with topic order, review loops, and final-week priorities.
ISC2 CC Sample Questions with Explanations
ISC2 CC sample questions with explanations, traps, topic labels, and IT Mastery route links.
ISC2 CC FAQ: Exam Format, Topics, and Prep
ISC2 CC FAQ for exam format, topics, prep strategy, practice, and common candidate traps.
ISC2 CC Resources: Official Links and Study Tools
ISC2 CC resources for official links, blueprint checks, study tools, and source review.
ISC2 CC Glossary: Core Controls and Risk Terms
ISC2 CC glossary of core controls, risk terms, traps, and decision cues.

Revised on Sunday, May 10, 2026

SSCP