ISC2 Certified in Cybersecurity® (CC®)

This accelerated ISC2 Entry-Level Cybersecurity Certification course introduces the ultimate starting point for an exciting and rewarding career in cybersecurity —ISC2 entry-level cybersecurity certification. You don't need work experience, just a passion and the drive to enter a challenging and rewarding field, one that protects the world from cyber threats and bad actors.

The entry-level cybersecurity certification enables students, incoming professionals and career changers to build confidence and enter their first cybersecurity role prepared for what's next.

ISC2 has begun the exciting process of exploring the creation of a new certification. To fill the cybersecurity workforce gap, we need to address the workforce shortage facing the industry, especially among entry- and junior-level positions. A foundational cybersecurity certification will help ISC2 build a pathway to a rewarding career in cybersecurity for many around the world.

The entry-level cybersecurity certification will prove to employers you have the foundational knowledge, skills and abilities necessary for an entry- or junior-level cybersecurity role. It will signal your understanding of fundamental security best practices, policies and procedures, as well as your willingness and ability to learn more and grow on the job.

The ISC2 entry-level cybersecurity certification is the first step on a career-long journey that will help cybersecurity professionals gain experience and work toward advanced qualifications such as the ISC2 CISSP and ISC2 CCSP.

We believe a need still exists in our industry for a certification that is attainable for newcomers and recognizes the growing trend of people entering the cybersecurity workforce without direct IT experience. Employers need confidence that when hiring new entrants into the field they have a solid grasp of the right technical concepts, and a demonstrated aptitude to learn on the job. Moreover, as an ISC2 certification, the recipient will be an ISC2 member backed by the world's largest network of certified cybersecurity professionals helping them continue their professional development and earn new achievements and qualifications throughout their career.

At the end of this course, you'll achieve your ISC2 Entry-Level Cybersecurity Certification.

Through Firebrand's Lecture | Lab | Review methodology you'll certify at twice the speed of traditional training and get access to courseware, learn from certified instructors, and train in a distraction-free environment.

40% faster

Distraction-free environment

Audience

This course is ideal for Individuals pursuing a career in cybersecurity, which can include recent college graduates or those wishing to change careers and entry- and junior-level positions.

ISC2 Premier Training Partner

At Firebrand, we are proud to be an Official Training Premier Partner of ISC2 for 2025 in recognition of our commitment to delivering world-class training, certification, and professional development opportunities for Cybersecurity professionals.

Domain 1: Security Principles

• 1.1 Understand the security concepts of information assurance Confidentiality Integrity Availability Authentication (e.g., methods of authentication, multi-factor authentication (MFA)) Non-repudiation Privacy 1.2 Understand the risk management process Risk management (e.g., risk priorities, risk tolerance) Risk identification, assessment and treatment
• 1.3 Understand security controls Technical controls Administrative controls Physical controls
• 1.4 Understand ISC2 Code of Ethics Professional code of conduct
• 1.5 Understand governance processes Policies Procedures Standards Regulations and laws

Domain 2: Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts

• 2.1 Understand business continuity (BC) Purpose Importance Components
• 2.2 Understand disaster recovery (DR) Purpose Importance Components
• 2.3 Understand incident response Purpose Importance Components

Domain 3: Access Controls Concepts

• 3.1 Understand physical access controls Physical security controls (e.g., badge systems, gate entry, environmental design) Monitoring (e.g., security guards, closed-circuit television (CCTV), alarm systems, logs) Authorized versus unauthorized personnel
• 3.2 Understand logical access controls Principle of least privilege Segregation of duties Discretionary access control (DAC) Mandatory access control (MAC) Role-based access control (RBAC)

Domain 4: Network Security

• 4.1 Understand computer networking Networks (e.g., Open Systems Interconnection (OSI) model, Transmission Control Protocol/Internet Protocol (TCP/IP) model, Internet Protocol version 4 (IPv4), Internet Protocol version 6 (IPv6), WiFi) Ports Applications
• 4.2 Understand network threats and attacks Types of threats (e.g., distributed denial-of-service (DDoS), virus, worm, Trojan, man-in-the-middle (MITM), side-channel) Identification (e.g., intrusion detection system (IDS), host-based intrusion detection system (HIDS), network intrusion detection system (NIDS)) Prevention (e.g., antivirus, scans, firewalls, intrusion prevention system (IPS))
• 4.3 Understand network security infrastructure On-premises (e.g., power, data center/closets, Heating, Ventilation, and Air Conditioning (HVAC), environmental, fire suppression, redundancy, memorandum of understanding (MOU)/memorandum of agreement (MOA)) Design (e.g., network segmentation (demilitarized zone (DMZ), virtual local area network (VLAN), virtual private network (VPN), micro-segmentation), defense in depth, Network Access Control (NAC) (segmentation for embedded systems, Internet of Things (IoT)) Cloud (e.g., service-level agreement (SLA), managed service provider (MSP), Software as a Service (SaaS), Infrastructure as a Service (IaaS), Platform as a Service (PaaS), hybrid)

Domain 5: Security Operations

• 5.1 Understand data security Encryption (e.g., symmetric, asymmetric, hashing) Data handling (e.g., destruction, retention, classification, labeling) Logging and monitoring security events
• 5.2 Understand system hardening Configuration management (e.g., baselines, updates, patches)
• 5.3 Understand best practice security policies Data handling policy Password policy Acceptable Use Policy (AUP) Bring your own device (BYOD) policy Change management policy (e.g., documentation, approval, rollback) Privacy policy
• 5.4 Understand security awareness training Purpose/concepts (e.g., social engineering, password protection) Importance

Unlike other ISC2 certifications, there is no work experience requirement to earn this certification.

At the end of this accelerated course, you can sit the following exam at any Pearson VUE Authorized Test Center, covered by your Certification Guarantee:

ISC2 Entry-Level Cybersecurity Certification

Domains:

• Security Principles 26% 20 Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts 10%
• Access Controls Concepts 22%
• Network Security 24%
• Security Operations 18%