

CC: Certified in Cybersecurity Entry-Level Certification
Course Information

Course Name
CC: Certified in Cybersecurity Entry-Level Certification

Exam code
CC

Duration
2 Days
Certification
Overview
The “Certified in Cybersecurity” (CC) certification from ISC2 is designed for entry-level cybersecurity roles, requiring no prior experience but a passion for the field. This certification is suitable for IT professionals, career changers, and students, offering foundational cybersecurity knowledge across key areas such as security principles, business continuity, disaster recovery, access control, and network security.
Benefits include:
- Enhanced credibility and job prospects
- Access to a professional network
- A strong foundation for advanced certifications like CISSP
- Higher earning potential (ISC2 members report 35% higher salaries).
Audience Profile
If you’re looking to join a dynamic and rewarding workforce, get Certified in Cybersecurity and demonstrate to employers you have the foundational knowledge and passion to join their team. This certification is ideal for:
- IT professionals
- Career changers looking to transition into cybersecurity
- College students or recent graduates
Ideal candidates for Certified in Cybersecurity are:
- Problem solvers
- Creative
- Analytical and critical thinkers
- Excited by the opportunity to learn
Prerequisites
- Entry-Level
- No Work Experience Required
At Course Completion
- Security Principles
- Incident Response, Business Continuity (BC) and Disaster Recovery (DR) Concepts
- Access Controls Concepts
- Network Security
- Security Operations
Course Outline
1.1 – Understand the security concepts of information assurance
- Confidentiality
- Integrity
- Availability
- Authentication (e.g., methods of authentication, multi-factor authentication (MFA))
- Non-repudiation
- Privacy
1.2 – Understand the risk management process
- Risk management (e.g., risk priorities, risk tolerance)
- Risk identification, assessment and treatment
1.3 – Understand security controls
- Technical controls
- Administrative controls
- Physical controls
1.4 – Understand ISC2 Code of Ethics
- Professional code of conduct
1.5 – Understand governance processes
- Policies
- Procedures
- Standards
- Regulations and laws
2.1 – Understand business continuity (BC)
- Purpose
- Importance
- Components
2.2 – Understand disaster recovery (DR)
- Purpose
- Importance
- Components
2.3 – Understand incident response
- Purpose
- Importance
- Components
3.1 – Understand physical access controls
- Physical security controls (e.g., badge systems, gate entry, environmental design)
- Monitoring (e.g., security guards, closed-circuit television (CCTV), alarm systems, logs)
- Authorized versus unauthorized personnel
3.2 – Understand logical access controls
- Principle of least privilege
- Segregation of duties
- Discretionary access control (DAC)
- Mandatory access control (MAC)
- Role-based access control (RBAC)
4.1 – Understand computer networking
- Networks (e.g., Open Systems Interconnection (OSI) model, Transmission Control Protocol/Internet Protocol (TCP/IP) model, Internet Protocol version 4 (IPv4), Internet Protocol version 6 (IPv6), WiFi)
- Ports
- Applications
4.2 – Understand network threats and attacks
- Types of threats (e.g., distributed denial-of-service (DDoS), virus, worm, Trojan, man-in-the-middle (MITM), side-channel)
- Identification (e.g., intrusion detection system (IDS), host-based intrusion detection system (HIDS), network intrusion detection system (NIDS))
- Prevention (e.g., antivirus, scans, firewalls, intrusion prevention system (IPS))
4.3 – Understand network security infrastructure
- On-premises (e.g., power, data center/closets, Heating, Ventilation, and Air Conditioning (HVAC), environmental, fire suppression, redundancy, memorandum of understanding (MOU)/memorandum of agreement (MOA))
- Design (e.g., network segmentation (demilitarized zone (DMZ), virtual local area network (VLAN), virtual private network (VPN), micro-segmentation), defense in depth, Network Access Control (NAC) (segmentation for embedded systems, Internet of Things (IoT))
- Cloud (e.g., service-level agreement (SLA), managed service provider (MSP), Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS), hybrid)
5.1 – Understand data security
- Encryption (e.g., symmetric, asymmetric, hashing)
- Data handling (e.g., destruction, retention, classification, labeling)
- Logging and monitoring security events
5.2 – Understand system hardening
- Configuration management (e.g., baselines, updates, patches)
5.3 – Understand best practice security policies
- Data handling policy
- Password policy
- Acceptable Use Policy (AUP)
- Bring your own device (BYOD) policy
- Change management policy (e.g., documentation, approval, rollback)
- Privacy policy
5.4 – Understand security awareness training
- Purpose/concepts (e.g., social engineering, password protection)
- Importance
Overview
Overview
The “Certified in Cybersecurity” (CC) certification from ISC2 is designed for entry-level cybersecurity roles, requiring no prior experience but a passion for the field. This certification is suitable for IT professionals, career changers, and students, offering foundational cybersecurity knowledge across key areas such as security principles, business continuity, disaster recovery, access control, and network security.
Benefits include:
- Enhanced credibility and job prospects
- Access to a professional network
- A strong foundation for advanced certifications like CISSP
- Higher earning potential (ISC2 members report 35% higher salaries).
Audience Profile
Audience Profile
If you’re looking to join a dynamic and rewarding workforce, get Certified in Cybersecurity and demonstrate to employers you have the foundational knowledge and passion to join their team. This certification is ideal for:
- IT professionals
- Career changers looking to transition into cybersecurity
- College students or recent graduates
Ideal candidates for Certified in Cybersecurity are:
- Problem solvers
- Creative
- Analytical and critical thinkers
- Excited by the opportunity to learn
Prerequisities
Prerequisites
- Entry-Level
- No Work Experience Required
At Course Completion
At Course Completion
- Security Principles
- Incident Response, Business Continuity (BC) and Disaster Recovery (DR) Concepts
- Access Controls Concepts
- Network Security
- Security Operations
Course Outline
Course Outline
1.1 – Understand the security concepts of information assurance
- Confidentiality
- Integrity
- Availability
- Authentication (e.g., methods of authentication, multi-factor authentication (MFA))
- Non-repudiation
- Privacy
1.2 – Understand the risk management process
- Risk management (e.g., risk priorities, risk tolerance)
- Risk identification, assessment and treatment
1.3 – Understand security controls
- Technical controls
- Administrative controls
- Physical controls
1.4 – Understand ISC2 Code of Ethics
- Professional code of conduct
1.5 – Understand governance processes
- Policies
- Procedures
- Standards
- Regulations and laws
2.1 – Understand business continuity (BC)
- Purpose
- Importance
- Components
2.2 – Understand disaster recovery (DR)
- Purpose
- Importance
- Components
2.3 – Understand incident response
- Purpose
- Importance
- Components
3.1 – Understand physical access controls
- Physical security controls (e.g., badge systems, gate entry, environmental design)
- Monitoring (e.g., security guards, closed-circuit television (CCTV), alarm systems, logs)
- Authorized versus unauthorized personnel
3.2 – Understand logical access controls
- Principle of least privilege
- Segregation of duties
- Discretionary access control (DAC)
- Mandatory access control (MAC)
- Role-based access control (RBAC)
4.1 – Understand computer networking
- Networks (e.g., Open Systems Interconnection (OSI) model, Transmission Control Protocol/Internet Protocol (TCP/IP) model, Internet Protocol version 4 (IPv4), Internet Protocol version 6 (IPv6), WiFi)
- Ports
- Applications
4.2 – Understand network threats and attacks
- Types of threats (e.g., distributed denial-of-service (DDoS), virus, worm, Trojan, man-in-the-middle (MITM), side-channel)
- Identification (e.g., intrusion detection system (IDS), host-based intrusion detection system (HIDS), network intrusion detection system (NIDS))
- Prevention (e.g., antivirus, scans, firewalls, intrusion prevention system (IPS))
4.3 – Understand network security infrastructure
- On-premises (e.g., power, data center/closets, Heating, Ventilation, and Air Conditioning (HVAC), environmental, fire suppression, redundancy, memorandum of understanding (MOU)/memorandum of agreement (MOA))
- Design (e.g., network segmentation (demilitarized zone (DMZ), virtual local area network (VLAN), virtual private network (VPN), micro-segmentation), defense in depth, Network Access Control (NAC) (segmentation for embedded systems, Internet of Things (IoT))
- Cloud (e.g., service-level agreement (SLA), managed service provider (MSP), Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS), hybrid)
5.1 – Understand data security
- Encryption (e.g., symmetric, asymmetric, hashing)
- Data handling (e.g., destruction, retention, classification, labeling)
- Logging and monitoring security events
5.2 – Understand system hardening
- Configuration management (e.g., baselines, updates, patches)
5.3 – Understand best practice security policies
- Data handling policy
- Password policy
- Acceptable Use Policy (AUP)
- Bring your own device (BYOD) policy
- Change management policy (e.g., documentation, approval, rollback)
- Privacy policy
5.4 – Understand security awareness training
- Purpose/concepts (e.g., social engineering, password protection)
- Importance
