Certified In Cybersecurity

ISC2 Certified in Cybersecurity is a foundational cybersecurity certification designed to help recipients build a pathway to a rewarding career in cybersecurity.

This entry-level certification will prove to employers you have the foundational knowledge, skills and abilities necessary for an entry- or junior-level cybersecurity role. It proves your willingness and ability to learn and grow on the job.

ISC2 developed the Certified in Cybersecurity (CC) credential for newcomers to the field, to recognize the growing trend of people entering the cybersecurity workforce without direct IT experience.

Getting Certified in Cybersecurity provides employers with the confidence that you have a solid grasp of the right technical concepts, and a demonstrated aptitude to learn on the job.

Syllabus:

• Domain 1: Security Principles
• 1.1 - Understand the security concepts of information assurance
• Confidentiality
• Integrity
• Availability
• Authentication (e.g., methods of authentication, multi-factor authentication (MFA))
• Non-repudiation
• Privacy
• 1.2 - Understand the risk management process
• Risk management (e.g., risk priorities, risk tolerance)
• Risk identification, assessment and treatment
• 1.3 - Understand security controls
• Technical controls
• Administrative controls
• Physical controls
• 1.4 - Understand ISC2 Code of Ethics
• Professional code of conduct
• 1.5 - Understand governance processes
• Policies
• Procedures
• Standards
• Regulations and laws
• Domain 2: Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
• 2.1 - Understand business continuity (BC)
• Purpose
• Importance
• Components
• 2.2 - Understand disaster recovery (DR)
• Purpose
• Importance
• Components
• 2.3 - Understand incident response
• Purpose
• Importance
• Components
• Domain 3: Access Controls Concepts
• 3.1 - Understand physical access controls
• Physical security controls (e.g., badge systems, gate entry, environmental design)
• Monitoring (e.g., security guards, closed-circuit television (CCTV), alarm systems, logs)
• Authorized versus unauthorized personnel
• 3.2 - Understand logical access controls
• Principle of least privilege
• Segregation of duties
• Discretionary access control (DAC)
• Mandatory access control (MAC)
• Role-based access control (RBAC)
• Domain 4: Network Security
• 4.1 - Understand computer networking
• Networks (e.g., Open Systems Interconnection (OSI) model, Transmission Control Protocol/Internet Protocol (TCP/IP) model, Internet Protocol version 4 (IPv4), Internet Protocol version 6 (IPv6), WiFi)
• Ports
• Applications
• 4.2 - Understand network threats and attacks
• Types of threats (e.g., distributed denial-of-service (DDoS), virus, worm, Trojan, man-in-the-middle (MITM), side-channel)
• Identification (e.g., intrusion detection system (IDS), host-based intrusion detection system (HIDS), network intrusion detection system (NIDS))
• Prevention (e.g., antivirus, scans, firewalls, intrusion prevention system (IPS))
• 4.3 - Understand network security infrastructure
• And more.