cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
arjemlearning
Newcomer I

2023 CC Study Resources

*(UPDATE: I PASSED THE CC EXAM)

I'm preparing for my upcoming CC exam and wanted to share the study resources I'm using:

1. (ISC)2 Website: Official ISC2 Certified in Cybersecurity (CC) Self-Paced Training course.

> Pre-Course Assessment

> Chapters Flash Card and select TEST mode

> Chapters Summary Quizzes

> Post-Course Assessment
(Since all of these resources allow unlimited attempts, the goal is to achieve a perfect score.)

2. Udemy : The Complete Certified in Cybersecurity (CC) course ISC2 '23 by Thor Pedersen
3. LinkedIn: (ISC)2 Certified in Cybersecurity (CC) Cert Prep by Mike Chapple

4. Youtube: CC Certification: Best Practice Questions! (CC Exam Playlist) of Prabh Nair
5. Youtube: CC & CISSP Practice Question with explanations by Luke Ahmed (StudynotesandTheory)
6. Other related Resources: Network+ and Security+ by Jason Dion or Professor Messer

Additional: Read 10 Things You Need To Know Right Now Before Taking The ISC2 CC Certified In Cybersecurity Exam 2023 ... by: Cyber Mesh

(ISC)2 Frequently Asked Questions

Exam

Time Allotted

Items

Passing Grade

Certified in Cybersecurity

2 hours

100 multiple choice, 4 choices

700 out of 1000 points

 

DomainsAverage Weight# of Items
1. Security Principles26%20
2. Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts10%7
3. Access Controls Concepts22%17
4. Network Security24%18
5. Security Operations18%13
Total100%75*


If you have any additional resources that are not listed, please feel free to comment below.

32 Replies
BradDinWMI
Viewer II

Excellent
temty
Viewer III

This is super helpful! Thanks

Kingdavid55
Newcomer II

Thank you for the info and congratulations .One question, Is this certification alone gets a job for us? I am not a person with IT background, that's why
denbesten
Community Champion


@Kingdavid55 wrote:
Thank you for the info and congratulations .One question, Is this certification alone gets a job for us? I am not a person with IT background, that's why

No.  There is nothing in this world that will "get you a job" all by itself.  Think of it more like listing "I took a cybersecurity course in college" on your resume.  That might be enough to get someone to call  you in for an interview, but it will not get you the job.

dharma79
Reader I

This book is a good resource to prepare for the CC ISC2 Exam: CC Certified in Cybersecurity All-in-One Exam Guide Paperback – Student Edition, 18 July 2023 

https://www.amazon.co.uk/Certified-Cybersecurity-All-One-Guide/dp/1265203814/ref=cm_cr_arp_d_pl_foot...

 

Early_Adopter
Community Champion

@Kingdavid55 as @denbesten points out CC is not going to get you a job. If you don’t have experience in any IT role get an IT role before you go into Cybersecurity, unless you’re looking at trainee or intern positions or they are exceptionally talented anyone getting interviewed that doesn’t have a computer science degree with no IT experience will not get a job in cybersecurity.

There isn’t enough preparation in the industry for widespread recognition of CC, though I think there’s some hope that a bit of the CISSP will rub off, raising the CC up but it doesn’t have the benefit of peer certified/endorsed/validated experience, and really is entry level. Even more so than SSCP, which at least has an experience requirement.

CompTIA’s Security+ is the one entry level certification that really has a bit of an ‘in’ because it’s got a long history and has simulation questions(it terms them Performance Based Questions or PBQs), normally security+ candidates might have A+, Network+, Linux+ etc making them pretty useful right away. Contrasting this CC is limited to book knowledge in five domains.

ISC2 is trying to replace or complement Security+ by offering a competing certification with some free training and a free test for a limited time, but look at how much you’ll need to stump up if you don’t pass first time… and in any case. pay fifty USD per year afterwards let’s say you’re 22 now and plan on working till you are 67 and never sit CISSP or another ISC2 that’s 2600 USD, not a bad PUPY, and a better deal than a CISSP member(125 USD PUPY) for the same cost as an associate, but it is still a significant investment.

To do it ISC2 certainly are not holding back on marketing words and hyperbole:

“Take the first step to a rewarding career with Certified in Cybersecurity (CC) from ISC2, the world’s leading cybersecurity professional organization known for the CISSP. You don’t need experience — just the passion and drive to enter a field that opens limitless opportunities around the globe.”

This might make you feel that CC is sort of CISSP junior, and look a CISSP gets paid X, therefore you might think with CC and the cybersecurity hiring shortage I could instantly get Y! “No Experience…limitless opportunities…Globe!”

But Here be Dragons.

Unfortunately CISSP gets paid precisely nothing, as do any of the letters you get, Security+, OCSP, CC etc the badges, certificates etc. none of them do any work… it’s people.

Employers with cybersecurity needs hire experienced, skilled people who can design systems, build them, troubleshoot them, break into them, repel attackers, influence decision makes with logical argument etc - certs are nice, qualifications are nice, they may be required - but without the experience they are worth nothing - ISC2s certifications do help filter out paper tigers, but with no experience ISC2’s CC can’t do this.

It’s good to have a CC in the balance, it will probably get better as there is more recognition but realistically without at least some experience in IT you won’t go through automated filters, let alone HR. As a hiring manager you get used to having no CVs… and that’s not true, they just got screened out.

There will always be exceptions, but if these are few and far between then the rule is probably good.

Do carry out a weekly study of the employment markets in the jurisdictions you can legally work in and search for prevalence of keywords etc, not all adverts are real, and many reqs get pulled - but if you trend these over time you can see what the demand is - this let’s you plan your certification path sensibly- and if you are starting out Microsoft, Google, AWS, Cisco and VMWare certifications on tools you use are very helpful.

Sorry for waxing lyrical, but I do feel there are going to be a lot of people investing time, effort and money on something that might not help them now and could be much more useful with a year or twos experience in IT.

ilkay
Viewer

 
Early_Adopter
Community Champion

Some food for thought for those seeking to break into cybersecurity from a CC, or even just into IT to grain the experience required most jobs are seemingly never posted.

 

A lot of this depends where you are, Singapore for example mandates jobs must be posted on a government site if employers want to hire a foreigner, this in theory means any job a local doesn’t want to do.

 

Most of the hidden job market advice seems to be about enhancing your network, going to meet people, and researching the companies you’d like to work for understand what makes prospective employees attractive to them.

 

https://www.forbes.com/sites/forbeshumanresourcescouncil/2023/03/21/job-seekers-four-reasons-to-embr...

 

https://www.forbes.com/sites/jackkelly/2022/11/08/how-to-hack-into-the-hidden-job-market/?sh=434cfc3...

 

https://www.cnbc.com/2022/09/22/how-to-find-hidden-job-market-roles.html 

 

 

 

 

 

 

kka65
Viewer II

Thanks. Much appreciated

sowahca
Viewer

The study guide is missing, please.