CC Training Course

ISC2 CC Training: Certified in Cybersecurity

Module 1: Security Principles 26% of exam

The foundation domain. Everything else in the CC exam β€” access control, networking, incident response, operations β€” sits on top of the ideas in this module. Expect the biggest slice of your exam questions to come from here, and expect them to be less about memorising acronyms than about recognising the right principle when you see it in a scenario.

  • 1 What CC Is and Why It Matters 5 min Free preview
  • 2 The CIA Triad: Confidentiality, Integrity, Availability 5 min πŸ”’
  • 3 Authentication, Authorization, and Accounting (AAA) 5 min πŸ”’
  • 4 Non-repudiation and Privacy 5 min πŸ”’
  • 5 Risk Basics: Threats, Vulnerabilities, and Impact 5 min πŸ”’
  • 6 Risk Management: Identify, Assess, Treat, Monitor 5 min πŸ”’
  • 7 Risk Treatment Options: Accept, Transfer, Mitigate, Avoid 5 min πŸ”’
  • 8 Security Controls: Categories and Types 5 min πŸ”’
  • 9 The ISC2 Code of Ethics 5 min πŸ”’
  • 10 Governance: Policies, Standards, Procedures, and Guidelines 5 min πŸ”’
  • 11 Regulatory and Legal Concepts 5 min πŸ”’
  • 12 Professional Ethics in Practice 4 min πŸ”’
  • 13 Domain 1 Wrap-Up and Study Notes 4 min πŸ”’

Module 2: Business Continuity, Disaster Recovery, and Incident Response 10% of exam

The smallest of the five domains but a favourite for scenario questions. You are asked what should happen when things go wrong: how the organisation keeps operating, how it recovers, and how it handles security incidents in real time.

  • 1 Business Continuity: Keeping the Lights On 5 min πŸ”’
  • 2 Disaster Recovery: Bringing Things Back 5 min πŸ”’
  • 3 Incident Response Basics 5 min πŸ”’
  • 4 Roles During an Incident: Who Does What 4 min πŸ”’
  • 5 Domain 2 Wrap-Up and Study Notes 4 min πŸ”’

Module 3: Access Control Concepts 22% of exam

The second-largest domain. Access control is the day-to-day work of security teams β€” deciding who gets to see what, verifying that the people asking really are who they say they are, and making sure the privileges we hand out do not accumulate into a mess.

  • 1 Access Control Fundamentals 5 min πŸ”’
  • 2 Physical Access Control 4 min πŸ”’
  • 3 Logical Access Control 4 min πŸ”’
  • 4 Identification and Authentication 5 min πŸ”’
  • 5 Passwords, Passphrases, and MFA 5 min πŸ”’
  • 6 Discretionary and Mandatory Access Control 5 min πŸ”’
  • 7 Role-Based Access Control (RBAC) 5 min πŸ”’
  • 8 Attribute-Based and Rule-Based Access Control 4 min πŸ”’
  • 9 Principle of Least Privilege and Segregation of Duties 5 min πŸ”’
  • 10 Privileged Access Management 4 min πŸ”’
  • 11 Domain 3 Wrap-Up and Study Notes 4 min πŸ”’

Module 4: Network Security 24% of exam

Where security meets networks. This domain covers the vocabulary of networking, the common threats you meet on a network, and the controls used to defend it β€” firewalls, VPNs, segmentation, and the shared-responsibility model of the cloud. Almost a quarter of the exam lives here.

  • 1 Networking Fundamentals for Security Pros 5 min πŸ”’
  • 2 The OSI Model and TCP/IP Basics 6 min πŸ”’
  • 3 Common Ports and Protocols 5 min πŸ”’
  • 4 IPv4 vs IPv6 and Network Addressing 5 min πŸ”’
  • 5 Common Threats and Attacks 6 min πŸ”’
  • 6 Wired and Wireless Networks 5 min πŸ”’
  • 7 Firewalls and Intrusion Detection 6 min πŸ”’
  • 8 Segmentation, VLANs, and DMZ 5 min πŸ”’
  • 9 Network Security Tools and Techniques 5 min πŸ”’
  • 10 Virtual Private Networks (VPNs) 4 min πŸ”’
  • 11 Cloud Basics and Shared Responsibility 5 min πŸ”’
  • 12 Domain 4 Wrap-Up and Study Notes 4 min πŸ”’

Module 5: Security Operations 18% of exam

The daily work of running a security programme β€” handling data responsibly, using cryptography correctly, managing changes and configurations, and turning humans into partners rather than the weakest link. Almost a fifth of the exam sits here.

  • 1 Data Handling and Classification 5 min πŸ”’
  • 2 Data Security: In Transit, At Rest, In Use 5 min πŸ”’
  • 3 Encryption Fundamentals 6 min πŸ”’
  • 4 Hashing and Digital Signatures 5 min πŸ”’
  • 5 Change Management Basics 5 min πŸ”’
  • 6 Configuration and Asset Management 4 min πŸ”’
  • 7 Security Awareness Training 4 min πŸ”’
  • 8 Common Security Policies 5 min πŸ”’
  • 9 Domain 5 Wrap-Up and Study Notes 4 min πŸ”’