ISC2 Certified in Cybersecurity Exam Syllabus
Start Free Certified in Cybersecurity Exam Practice After Reviewing the Topics
Before starting your Certified in Cybersecurity exam preparation, review the complete ISC2 Certified in Cybersecurity exam syllabus and go through the exam objectives listed below. Once you understand the exam structure and objectives, practice using our free Certified in Cybersecurity questions. We also provide a premium Certified in Cybersecurity practice test, fully updated according to the latest exam objectives, to help you accurately assess your preparedness for the actual exam.
ISC2 Certified in Cybersecurity Exam Objectives
| Section | Weight | Objectives |
|---|---|---|
| Security Principles | 26% | 1.1 - Understand the security concepts of information assurance: Confidentiality; Integrity; Availability; Authentication (e.g., methods of authentication, multi-factor authentication (MFA)); Non-repudiation; Privacy<br>1.2 - Understand the risk management process: Risk management (e.g., risk priorities, risk tolerance); Risk identification, assessment and treatment<br>1.3 - Understand security controls: Technical controls; Administrative controls; Physical controls<br>1.4 - Understand ISC2 Code of Ethics: Professional code of conduct<br>1.5 - Understand governance processes: Policies; Procedures; Standards; Regulations and laws |
| Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts | 10% | 2.1 - Understand business continuity (BC): Purpose; Importance; Components<br>2.2 - Understand disaster recovery (DR): Purpose; Importance; Components<br>2.3 - Understand incident response: Purpose; Importance; Components |
| Access Controls Concepts | 22% | 3.1 - Understand physical access controls: Physical security controls (e.g., badge systems, gate entry, environmental design); Monitoring (e.g., security guards, closed-circuit television (CCTV), alarm systems, logs); Authorized versus unauthorized personnel<br>3.2 - Understand logical access controls: Principle of least privilege; Segregation of duties; Discretionary access control (DAC); Mandatory access control (MAC); Role-based access control (RBAC) |
| Network Security | 24% | 4.1 - Understand computer networking: Networks (e.g., Open Systems Interconnection (OSI) model, Transmission Control Protocol/Internet Protocol (TCP/IP) model, Internet Protocol version 4 (IPv4), Internet Protocol version 6 (IPv6), WiFi); Ports; Applications<br>4.2 - Understand network threats and attacks: Types of threats (e.g., distributed denial-of-service (DDoS), virus, worm, Trojan, man-in-the-middle (MITM), side-channel); Identification (e.g., intrusion detection system (IDS), host-based intrusion detection system (HIDS), network intrusion detection system (NIDS)); Prevention (e.g., antivirus, scans, firewalls, intrusion prevention system (IPS))<br>4.3 - Understand network security infrastructure: On-premises (e.g., power, data center/closets, Heating, Ventilation, and Air Conditioning (HVAC), environmental, fire suppression, redundancy, memorandum of understanding (MOU)/memorandum of agreement (MOA)); Design (e.g., network segmentation (demilitarized zone (DMZ), virtual local area network (VLAN), virtual private network (VPN), micro-segmentation), defense in depth, Network Access Control (NAC) (segmentation for embedded systems, Internet of Things (IoT))); Cloud (e.g., service-level agreement (SLA), managed service provider (MSP), Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS), hybrid) |
| Security Operations | 18% | 5.1 - Understand data security: Encryption (e.g., symmetric, asymmetric, hashing); Data handling (e.g., destruction, retention, classification, labeling); Logging and monitoring security events<br>5.2 - Understand system hardening: Configuration management (e.g., baselines, updates, patches)<br>5.3 - Understand best practice security policies: Data handling policy; Password policy; Acceptable Use Policy (AUP); Bring your own device (BYOD) policy; Change management policy (e.g., documentation, approval, rollback); Privacy policy<br>5.4 - Understand security awareness training: Purpose/concepts (e.g., social engineering, password protection); Importance |
| Official Information | https://www.isc2.org/certifications/cc |
