CC cheat sheet

A one-page reference for the ISC2 CC — Certified in Cybersecurity exam: the format, how the domains are weighted, and the glossary terms for this exam.

Exam at a glance

Vendor
ISC2
Level
Foundational
Questions
100
Time
120 min
Mock pass mark
70%
Domains
5
Practice Qs
145
Code
CC

Domain weightings

How much of the exam each domain covers. Spend your study time in proportion — the heavier the domain, the more questions you'll see.

Key terms

CIA Triad
The CIA triad is the trio of confidentiality, integrity, and availability that defines the goals of information security. CC Domain 1 uses it as the foundation for understanding every control.
Non-repudiation
Non-repudiation ensures that someone cannot credibly deny having taken an action, typically through logging and digital signatures. CC lists it alongside authentication and privacy as an extension of the core CIA security principles.
Defense in Depth
Defense in depth uses multiple layers of controls so that if one fails, others still protect the asset. CC introduces it as a fundamental security principle for beginners.
Least Privilege
Least privilege means giving a user or process only the access it needs to do its job, and nothing more. CC pairs it with need-to-know to limit the damage from misuse or compromise.
Risk
Risk is the potential for loss when a threat exploits a vulnerability, measured by likelihood and impact. CC teaches basic risk treatment options: accept, avoid, mitigate, or transfer.
Security Controls
Security controls are the safeguards used to reduce risk, grouped as technical, administrative, and physical. CC expects you to classify a given control into the correct category.
Multi-factor Authentication
Multi-factor authentication (MFA) requires two or more different factors — something you know, have, or are — to verify identity. CC treats MFA as a core defense against credential theft.
Access Control Models
Access control models — DAC, MAC, and RBAC — define how permissions are assigned and enforced. CC Domain 3 asks you to recognize each model and when it applies.
Firewall
A firewall filters network traffic against a set of rules to allow or block connections between network segments. CC covers firewalls among core network security infrastructure alongside IDS/IPS and VPNs.
IDS/IPS
IDS/IPS is the pairing of an Intrusion Detection System (IDS), which alerts on suspicious traffic, and an Intrusion Prevention System (IPS), which can actively block it. CC introduces both as monitoring and defensive network controls.
DDoS
A Distributed Denial-of-Service (DDoS) attack floods a target with traffic from many sources to exhaust its resources and deny availability. CC lists it among common network threats.
Hashing
Hashing produces a fixed-length, one-way fingerprint of data that is used to verify integrity rather than to conceal content. CC contrasts it with encryption, which is reversible with a key.
Encryption
Encryption transforms readable data into ciphertext that can only be reversed with the correct key, protecting confidentiality. CC covers symmetric and asymmetric encryption for data at rest and in transit.
Data Classification
Data classification labels information by sensitivity so that appropriate handling, retention, and destruction rules apply. CC covers it under security operations as the basis for proportionate protection.
Acceptable Use Policy
An Acceptable Use Policy (AUP) defines how employees may use organizational systems and data. CC treats it as a key administrative control reinforced through security awareness training.