What Is the CC Certification?

The Certified in Cybersecurity (CC) is an entry-level cybersecurity certification issued by (ISC)². It is designed for people who want to break into the cybersecurity field — no prior work experience is required. The CC validates foundational knowledge across five core security domains and demonstrates to employers that you understand basic security principles, access controls, network security, and incident response.

Exam Format & Pattern

Field
Detail
Exam Name
Certified in Cybersecurity (CC)
Issuing Body
(ISC)²
Questions
100 Multiple Choice
Duration
2 hours
Passing Score
700 out of 1000 (scaled scoring)
Delivery
Computer-Based via Pearson VUE — test centre or online proctoring
Languages
English, Chinese, German, Japanese, Korean, Spanish, and more

Prerequisites & Eligibility

One of the biggest advantages of the CC is that there are zero prerequisites. No work experience, no degree, no prior certification is required to sit for the exam. This makes it genuinely accessible to career changers, students, and anyone entering the cybersecurity field for the first time.

Exam Cost & Registration

The exam fee is $249 USD for non-members. (ISC)² members pay a reduced rate. Registration is done through Pearson VUE directly. You can purchase the exam voucher first and book the date separately — you are not forced to commit to a date before you are ready.

After You Pass

Once you pass, you become an Associate of (ISC)² while working toward fulfilling the full CISSP experience requirements — or you hold the CC as a standalone credential. The certification is valid for 3 years and requires annual renewal through CPE credits and an Annual Maintenance Fee.

Domain Weightage

The CC exam covers five domains. Understanding the weightage helps you prioritize your study time. Domains 1 and 4 together make up 50% of the exam — weight your study effort accordingly.

Domain
Topic
Domain 1 · 26%
Security Principles — CIA Triad, AAA, risk management, governance, controls, ethics
Domain 2 · 10%
Business Continuity, Disaster Recovery & Incident Response
Domain 3 · 22%
Access Controls Concepts — least privilege, PAM, DAC/MAC/RBAC, logging
Domain 4 · 24%
Network Security — OSI model, protocols, threats, cloud, Zero Trust
Domain 5 · 18%
Security Operations — data handling, change management, security awareness

Exam Strategy Tips

  1. Don't rush. You have 2 hours for 100 questions — that's over a minute per question. Use it. Read each question fully before looking at the answer choices.
  2. Watch for absolutes. Words like "always," "never," "only," and "must" in answer choices are often red flags. Security rarely works in absolutes.
  3. Think like a manager, not a technician. When in doubt, pick the answer that prioritizes risk management and policy over technical implementation.
  4. The CIA Triad is everywhere. Many questions will not mention CIA explicitly, but the correct answer will almost always be traceable back to preserving Confidentiality, Integrity, or Availability.
  5. Process of elimination works. Even if you don't know the right answer, you can often identify two wrong ones and improve your odds significantly.
CC Series — 5 Articles
Overview
Overview
You are here
Domain 1
Domain 1
Read article
Domain 2
Domain 2
Read article
Domain 3
Domain 3
Read article
Domain 4
Domain 4
Read article