Everything you need to prepare for the ISC2 Certified in Cybersecurity exam — exam overview, domain-by-domain concept articles, and the thinking framework that drives every correct answer.
Before diving into domains, understand the exam format, domain weightage, and the five key exam strategy tips that change how you answer questions.
Domain 1 and Domain 4 together account for 50% of the exam. Understanding the weighting before you start studying is the first strategic decision.
Each domain article covers every topic tested in that domain — structured for exam readiness, not just conceptual understanding.
The CIA Triad, AAA framework, non-repudiation, privacy (PII, PHI, GDPR), risk management process, security controls, governance hierarchy, and the ISC2 Code of Ethics.
IR terminology (breach, event, exploit, zero day), four phases of incident response, business continuity planning, disaster recovery planning, and how IR/BC/DR relate to each other.
Defense in depth, principle of least privilege, PAM, segregation of duties, user provisioning lifecycle, physical access controls (mantraps, turnstiles, CPTED), logical controls (DAC, MAC, RBAC), and log management.
Network types, OSI and TCP/IP models, IPv4 vs IPv6, Wi-Fi security, attack types (DoS, MITM, spoofing), insecure vs secure ports and protocols, IDS/IPS/SIEM, cloud models (SaaS/PaaS/IaaS), DMZ, VLAN, VPN, and Zero Trust.
Data handling, security policies, change management, configuration management, best practice security policies, and security awareness training.
The CC tests how you think, not just what you know. These principles apply to almost every question in the exam.
New CC prep articles every week. Follow Parul Sharma to get notified the moment new content goes live.