cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
TeflonDon36
Newcomer II

CC Exam Scheduled - Nervous

**** Update **** - took test about 2 weeks ago and passed. I just paid my $50 AMF yesterday and I’m officially CC certified. Good luck to all those studying and preparing.

All I used to study was the material given by ISC, nothing more and nothing less.

No PBQs on the exam.

Best,

James


I've been in a helpdesk role for 6+ years, and NEED to branch out of this role. I'm opting to go the Security, Cloud route and thought I'd take advantage of the CC exam since it's free. I've gone through most of the videos, and have passed all assesments in the high 700 range. 
 
Do the assesment questions that are available change? Or are they always the same? 
 
I assume I'm ready to take the exam if I can pass the assesments. *PRAY* - I hate testing!  



40 Replies
ssk120k
Reader I

what am i paying the $50 costing for? Dont i get a print out saying i passed? 

Tess
Newcomer II

The $50 annual payment is what ISC2 calls it's "AMF": annual maintenance fee.

 

Call it your membership fee. Without paying that fee, you are not allowed to say on your resumé that you're officially ISC2 CC certified. 

 

The same scheme applies to SSCP, CISSP and the other "big brothers" of the CC exam.

Tess
Newcomer II

Of course the practice questions aren't on the exam! Why would ISC2 tell you explicitly the questions that will be on the test? No proper educational institution does that. 

rapphyyy
Newcomer I

Hi I read your post, men you are 100 percent correct. 

Do you have a specific c++ resource you can send to me? I took the CC exam two days ago I did not pass it. The assessment test is absolutely and totally different from the exam, and that was my mistake. I dependent on the self pace assessment learning but it’s a complete and total different question form the exam. it didn’t help me at all. I’m preparing for the second test next year 20223 so I need to do some thing differently in terms of practice, if you have any c++ resource kindly send to me.

jonesm30
Newcomer I

taking exam on 11/7/24! Definitely in need of a study partner! I really love these flowchart  but started to realize that the ports and specific security controls are not on here and the practice tests have had technical like SIEM and PORT questions that really surprise!

eagleseyes
Newcomer I

@jonesm30 I was thinking to be a date for that day as well... Let me know if we can be can study together as well..
MamaRamy
Viewer

I will also retake the exam on that day. What I have so far is the ebook CC study guide by Mike Chapple. Thank you for the link to the flowchart.

Good luck to us all.
jonesm30
Newcomer I

let us study! first thing I've been hearing to re-study are the Canons! I did the mnemonic device: PAPA! protect, advance, provide and act!  *I had to switch to the next day so that I am not taking the test the day right after work! Also was able to stop at the Pearson VU testing center and confirm the test date and time! Don't forget to sign your second ID lol, ss card or debit card must be signed.

jonesm30
Newcomer I

you have the mike Chappel guide! I am strongly considering getting another Linkedin subscription to access his course however Linkedin makes it impossible to get them to stop charging you lol, might be ok with his youtube videos while making sense of the material through notes!

jonesm30
Newcomer I

@eagleseyes 

Is there a thread in the study group where its more appropriate to break out the mnemonic devices that i put together lol: 

for the OSI 7-layer model "please do not touch superman's private area" for physical, date, network, transport, session, presentation and application? which is by far the most fav/memorable..

 

little at odds with the armadillos take in new ants; it stays in the memory, but it may not line up exactly with the TCP stack ISC2 has:

application, transport, internet, network access... vs ISC2 "layers" application layer, transport layer, internet layer and network interface layer..

 

it seems even more important than the order or what they particular roles are but what the vulnerabilities/tools are appropriate for each level..

 

1 physical - cable manipulation to (CPTED[like those underwater servers of google?]) 

data link - vlan hopping to (vlan segmentation [overlapping vlans were an awesome use of switches])

network layer - DDoS attacks! to (access control lists, IDS and IPS [IDS typically being cheaper than the IPS])

Transport layer - port scanning to (secure transport protocols)

Session layer - session hijacking to ( session timeouts)

Presentation Layer - phishing to (cyber security training and secure coding practices)

7 Application Layer - cross-site scripting (XSS) to (regular security updates and patches)

 

that flow chart link was not made by me, but these notes were, sin embargo (nonetheless) I cannot yet vouch for their strength as I haven't taken the exam yet, and once I do I am pretty sure I cannot be submitting here which notes I felt helped the most with too much detail.

It seems other previous test takers kind of "on the nose" try to bring attention to the canons, not something you want to accidentally think you have in the back pocket and then not have them when you need during the exam... it seems that the CISSP (my goal for next cert) hugely bases an understanding of those canons to be present within the tester, so heres to getting started early! lol

pretty sure a moderator will redirect me if need be lol