Motivation

“Life is a marathon, not a sprint”

Phillip C. McGraw

Welcome Back

Hello everyone..!

Disclaimer: This blog only discusses my POV on ISC2 CC.

Introduction

This post provides an overview of Certified in Cybersecurity (CC), offered by ISC2, a non-profit organization specializing in training and certifications for cybersecurity professionals. I recently passed the test, which is super exciting since it’s my first official cert to add to my collection. Here’s a breakdown of the course content and what the test looks like.

The CC test is divided into five major domains:

  1. Security Principles
  2. Business Continuity Plan, Disaster Recovery, and Incident Response
  3. Access Control Concepts
  4. Network Security
  5. Security Operations Center (SOC)

Where to Start?

Check the official link to get started with registration.

  • Focus: Basics of cybersecurity.
  • Prerequisites: None.
  • For Whom: Anyone interested in cybersecurity.
  • Level: Beginner.
  • Why: This course raises awareness of the security field and answers key questions such as: Why is security necessary? How can we protect ourselves? What are the risks of low cybersecurity?

The CC Certification Exam

  • Partnered With: Pearson VUE (conducted at physical test centers).
  • Format: 100 questions.
  • Duration: 120 minutes (plenty of time, no need to panic).
  • Weightage: Varies by question.

Preparation Duration

  • My Prep: About 2 weeks, spending 1-2 hours daily due to time constraints.
  • Background: I have a foundation in networking and work as a software developer.
  • Final Push: The day before the test, I focused heavily on solving dumps.

What Will You Learn?

Chapter 1: Security Principles

  • Understand the Security Concepts of Information Assurance.
  • Understand the Risk Management Process.
  • Understand Security Controls.
  • Understand Governance Elements and Processes.
  • Understand ISC2 Code of Ethics.

Chapter 2: Incident Response, Business Continuity, and Disaster Recovery Concepts

  • Understand Incident Response.
  • Understand Business Continuity.
  • Understand Disaster Recovery.

Chapter 3: Access Control Concepts

  1. Understand Access Control Concepts.
  2. Understand Physical Access Controls.
  3. Understand Logical Access Controls.

Chapter 4: Network Security

  1. Understand Computer Networking.
  2. Understand Network (Cyber) Threats and Attacks.
  3. Understand Network Security Infrastructure.

Chapter 5: Security Operations

  1. Understand Data Security.
  2. Understand System Hardening.
  3. Understand Best Practice Security Policies.
  4. Understand Security Awareness Training.

Mistakes I Made During Preparation

  • Solely Following Official Docs: While the official documentation is excellent for learning, it’s insufficient for test preparation.
  • Overconfidence: Scoring 90+ in every domain and pre/post-course tests made me overly confident.
  • Diving Too Deep: I spent too much time on concepts I found interesting but that weren’t necessary for the test. (You can do so if you have time.)
  • Late Dump Practice: I started solving dumps only four days before the test, which was a mistake.

Resources

  1. ISC2 CC Self-Paced Course:
    • Easy to understand, with podcasts, articles, and videos.
    • Test questions are different from the course material, so additional preparation is necessary.
  2. LinkedIn Learning: ISC2 CC by Mike Chapple:
    • A highly recommended resource by many who’ve passed the test.
  3. Prabh Nair’s YouTube Playlist:
    • My favorite resource! His coffee shots and explanations help you think about how you need to read the problem.
  4. GitHub Repo by Ayemun Hossain:
    • A goldmine for exam prep with materials and last-minute tips.
    • Highly recommend reviewing the “Last Week Preparations/Last Minute Reminder CC – Certified in Cyber Security.pdf.”

Final Thoughts

Achieving the ISC2 CC certification was a rewarding experience and a great way to solidify my foundational cybersecurity knowledge. While the certification covers the basics, it serves as a stepping stone for exploring more advanced areas of cybersecurity. If you’re planning to take the test, start early, use diverse resources, and practice as much as possible.

Good luck..!


Up Next

Solving the OverTheWire Bandit series 🔓🗝️