ISC2 Certified In Cybersecurity (CC)

About Course

The ISC2 Certified in Cybersecurity (CC) certification is an entry-level credential designed to validate foundational knowledge and skills required to begin a career in cybersecurity. It covers essential domains such as security principles, access controls, network security, incident response, and security operations. The certification helps learners understand basic cyber threats, risk management practices, and best practices for protecting systems and data. CC is ideal for beginners seeking to enter the cybersecurity field with no prior experience. Earning this certification demonstrates readiness for junior security roles and provides a strong starting point for advanced cybersecurity pathways, including ISC2’s professional-level certifications.

Course Content

One On One Training

Module 1- Understand the security concepts of information assurance

Module 2- Understand the risk management process

Module 3 – Understand security controls

Module 4- Understand (ISC)² Code of Ethics

Module 5- Understand governance processes

Module 6- Understand business continuity (BC)

Module 8- Understand incident response

Module 9- Understand physical access controls

Module 10- Understand logical access controls

Module 11- Understand computer networking

Module 12- Understand network threats and attacks

Module 13- Understand network security infrastructure

Module 14- Understand data security

Module 15- Understand system hardening

Module 16- Understand best practice security policies

Module 17- Understand security awareness training

About Course

What Will You Learn?

Course Content

One On One Training

Module 1- Understand the security concepts of information assurance

Confidentiality

Integrity

Availability

Authentication (e.g., methods of authentication, multi-factor authentication (MFA))

Non-repudiation

Privacy

Module 2- Understand the risk management process

Risk management (e.g., risk priorities, risk tolerance)

Risk identification, assessment and treatment

Module 3 – Understand security controls

Technical controls

Administrative controls

Physical controls

Module 4- Understand (ISC)² Code of Ethics

Professional code of conduct

Module 5- Understand governance processes

Policies

Procedures

Standards

Regulations and laws

Module 6- Understand business continuity (BC)

Purpose

Importance

Components

Module 8- Understand incident response

Purpose

Importance

Components

Module 9- Understand physical access controls

Physical security controls (e.g., badge systems, gate entry, environmental design)

Monitoring (e.g., security guards, closed-circuit television (CCTV), alarm systems, logs)

Authorized versus unauthorized personnel

Module 10- Understand logical access controls

Principle of least privilege

Segregation of duties

Discretionary access control (DAC)

Mandatory access control (MAC)

Role-based access control (RBAC)

Module 11- Understand computer networking

Networks (e.g., Open Systems Interconnection (OSI) model, Transmission Control Protocol/Internet Protocol (TCP/IP) model, Internet Protocol version 4 (IPv4), Internet Protocol version 6 (IPv6), WiFi)

Ports

Applications

Module 12- Understand network threats and attacks

Types of threats (e.g., distributed denial-of-service (DDoS), virus, worm, Trojan, man-in-themiddle (MITM), side-channel)

Identification (e.g., intrusion detection system (IDS), host-based intrusion detection system (HIDS), network intrusion detection system (NIDS))

Prevention (e.g., antivirus, scans, firewalls, intrusion prevention system (IPS))

Module 13- Understand network security infrastructure

On-premises (e.g., power, data center/closets, Heating, Ventilation, and Air Conditioning (HVAC), environmental, fire suppression, redundancy, memorandum of understanding (MOU)/memorandum of agreement (MOA))

Design (e.g., network segmentation (demilitarized zone (DMZ), virtual local area network (VLAN), virtual private network (VPN), micro-segmentation), defense in depth, Network Access Control (NAC) (segmentation for embedded systems,Internet of Things)

Cloud (e.g., service-level agreement (SLA), managed service provider (MSP), Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS), hybrid)

Module 14- Understand data security

Encryption (e.g., symmetric, asymmetric, hashing)

Data handling (e.g., destruction, retention, classification, labeling)

Logging and monitoring security events

Module 15- Understand system hardening

Configuration management (e.g., baselines, updates, patches)

Module 16- Understand best practice security policies

Data handling policy

Password policy

Acceptable Use Policy (AUP)

Bring your own device (BYOD) policy

Change management policy (e.g., documentation, approval, rollback)

Privacy policy

Module 17- Understand security awareness training

Purpose/concepts (e.g., social engineering, password protection)

Importance