Loading exam details…
Loading exam details…
A current guide to the ISC2 CC exam, including CAT format, 2-hour timing, 100-125 items, 700 passing score, Pearson VUE delivery, current domain weights, AI-security updates, and the September 2026 outline change.
ISC2 CC is built for newcomers to cybersecurity. The current outline is effective October 1, 2025, and candidates testing on or after September 1, 2026 should use the new outline ISC2 has announced.
Use these points before preparing for Certified in Cybersecurity.
Certified in Cybersecurity is administered by ISC2.
The current CC exam outline is effective October 1, 2025, with a new outline scheduled for September 1, 2026.
The exam uses computerized adaptive testing with 100-125 multiple-choice and advanced item types.
Candidates have 2 hours, and the passing grade is 700 out of 1000 points.
Security Principles is 26%, BC/DR/Incident Response is 10%, Access Controls is 22%, Network Security is 24%, and Security Operations is 18%.
The CC exam is delivered at Pearson VUE testing centers.
The current CC outline is effective October 1, 2025, and ISC2 has announced a new outline for September 1, 2026. Candidates should match their study materials to the actual exam date.
The CC exam uses computerized adaptive testing. Candidates should answer each item carefully because adaptive delivery is not the same as a fixed-form practice quiz.
Security Principles and Network Security carry the largest weights, but Access Controls and Security Operations are also substantial, and BC/DR/Incident Response remains a distinct tested area.
ISC2 lists Pearson VUE testing centers for CC delivery. Candidates should verify appointment details, ID requirements, language availability, arrival timing, and candidate agreement rules before the exam.
Use this CC (Certified in Cybersecurity) exam help page for exam-specific context, then compare the broader online exam help services page or contact HiraEdu if you need a direct handoff. This page stays focused on CC (Certified in Cybersecurity) while the linked service pages cover broader exam support options.
The ISC2 Certified in Cybersecurity (CC) credential is designed for newcomers to cybersecurity and validates foundational knowledge for entry-level or junior cybersecurity roles. The current ISC2 CC exam outline is effective October 1, 2025, with a notice that a new outline applies September 1, 2026. The current exam uses computerized adaptive testing, lasts 2 hours, includes 100-125 multiple-choice and advanced item types, and requires a 700 out of 1000 passing grade. It is delivered at Pearson VUE testing centers and is available in English, Chinese, Japanese, German, and Spanish, with Chinese language availability limited to select appointment windows. Current domain weights are Security Principles (26%), Business Continuity, Disaster Recovery, and Incident Response Concepts (10%), Access Controls Concepts (22%), Network Security (24%), and Security Operations (18%). Preparation should cover confidentiality, integrity, availability, authentication, non-repudiation, privacy, risk management, security controls, ISC2 Code of Ethics, governance, business continuity, disaster recovery, incident response, physical and logical access controls, network models, ports, applications, threats, IDS/IPS, firewalls, segmentation, cloud concepts, encryption, data handling, logging, monitoring, system hardening, security policies, awareness training, and the foundational AI-security concepts ISC2 integrated across the domains.
ISC2 lists 100-125 multiple-choice and advanced item types for the current Certified in Cybersecurity exam.
The current exam length is 2 hours.
ISC2 lists a passing grade of 700 out of 1000 points.
Security Principles is 26%, BC/DR/Incident Response is 10%, Access Controls is 22%, Network Security is 24%, and Security Operations is 18%.
ISC2 states that the current outline is effective October 1, 2025, and that a new CC exam outline applies September 1, 2026.
Check whether your appointment falls under the current October 2025 outline or the new outline beginning September 1, 2026.
Prioritize Security Principles, Network Security, Access Controls, and Security Operations while keeping BC/DR/Incident Response in the plan.
Practice CIA, authentication, privacy, risk, controls, governance, incident response, access control models, network threats, segmentation, cloud, encryption, logging, hardening, and policies.
Review foundational AI-security concepts such as model poisoning, model drift, AI service accounts, AI-enabled monitoring, alert fatigue, data leakage, and safe AI workspace behavior.
Review Pearson VUE scheduling, ID, language availability, check-in, 2-hour pacing, CAT behavior, and ISC2 exam rules.
Use the guide to self-serve, or talk to a coordinator if you need help mapping timelines, official requirements, or troubleshooting day-of logistics.
CISSP (Certified Information Systems Security Professional)
Pearson VUE
View serviceCCSP (Certified Cloud Security Professional)
Pearson VUE
View serviceSSCP (Systems Security Certified Practitioner)
Pearson VUE
View serviceCGRC (Certified in Governance, Risk and Compliance)
Pearson VUE
View serviceCSSLP (Certified Secure Software Lifecycle Professional)
Pearson VUE
View serviceCISM (Certified Information Security Manager)
PSI
View service