ISC2 Certified in Cybersecurity (CC) – Comprehensive Study Guide
Covers Domains 1–5 with explanations, examples, practice questions, and references.
Domain 1: Security Principles
1 Covers CIA Triad (Confidentiality, Integrity, Availability).
2 Principles of least privilege, separation of duties, defense in depth.
3 Governance, risk management, compliance basics.
4 Threats vs vulnerabilities vs risks.
5 Ethical responsibilities of security professionals.
6 Exam focus: CIA, access control principles, governance, ethics.
Domain 2: Business Continuity (BC), Disaster Recovery (DR), and Incident Response Concepts
1 Key metrics: RPO (Recovery Point Objective), RTO (Recovery Time Objective).
2 Business Impact Analysis (BIA).
3 Disaster recovery strategies: hot/warm/cold sites, cloud resilience.
4 Incident response steps: Preparation, Detection, Containment, Eradication, Recovery, Lessons Learned.
5 Backup strategies: full, incremental, differential.
6 Exam focus: correct DR site, difference between BCP/DR, IR steps.
Domain 3: Access Control Concepts
1 Authentication factors: something you know, something you have, something you are, something you do, and somewhere you are.
2 MFA requires at least two *different* factor types.
3 Identity lifecycle: provision, review, de-provision.
4 Access control models: DAC, MAC, RBAC, ABAC.
5 Federation: SAML, OIDC, Kerberos.
6 Logging, SIEM, centralized tamper-proof logs.
7 Exam focus: MFA, access control models, privilege creep.
Domain 4: Network Security
1 OSI & TCP/IP models, common ports (80, 443, 22, etc.).
2 Secure protocols: SSH, HTTPS, SFTP.
3 Network design: defense in depth, DMZ, VLANs, zero trust.
4 Devices: firewalls, IDS/IPS, proxies, load balancers.
5 Secure comms: TLS, IPSec, VPNs.
6 Wireless security: WPA2/WPA3, 802.1X enterprise auth.
7 Common attacks: DoS, MITM, spoofing, sniffing.
8 Monitoring: SIEM, honeypots, NetFlow.
9 Exam focus: OSI mapping, secure designs, mitigations.
Domain 5: Security Operations
1 SOC functions: monitoring, incident detection, escalation.
2 Incident Response steps (NIST SP 800-61).
3 Business continuity & disaster recovery: BCP/DRP planning, backups, redundancy.
4 Change/configuration management, version control.
5 Vulnerability management: scanning, patching, pen testing.
6 Security awareness training.
7 Vendor/supply chain security.
8 Metrics: MTTD, MTTR.
9 Exam focus: IR step order, RPO vs RTO, backup types, change management.
References & Further Reading
1 ISC2 Certified in Cybersecurity (CC) Official Study Guide – Wiley.
2 NIST SP 800-61 Rev.2 – Incident Handling Guide.
3 NIST SP 800-34 Rev.1 – Contingency Planning Guide.
4 NIST SP 800-41 Rev.1 – Firewall Policy Guidelines.
5 NIST SP 800-207 – Zero Trust Architecture.
6 ISO/IEC 27035 – Incident Management.
7 RFC 4301 – IPSec Security Architecture.
8 Cisco SAFE Network Design Principles – [Link]
9 OWASP Networking & Secure Operations Guidelines – [Link]
10 SANS Institute Whitepapers – [Link]
11 CompTIA Security+ SY0-701 Objectives for cross-reference.