
ISC2 CC Cheat Sheet

Security Principles

26% of exam

CIA Triad, Risk, Controls, Governance, Ethics

BC DR IR

10% of exam

Business Continuity, Disaster Recovery, Incident Response, Backups, Tabletops

Access Controls

22% of exam

Authentication, Authorization, MFA, Least Privilege, Physical Access

Network Security

24% of exam

Ports, Firewalls, IDS/IPS, VPN, Segmentation

Security Operations

18% of exam

Data Security, Hardening, Patching, Awareness, Policies

Quick Facts

Exam: ISC2 CC
Format: CAT
Items: 100-125
Time: 2 hours
Pass: 700/1000
Level: Entry level
Prereq: None
Change: Sep 1 2026

CIA

Hide, trust, reach

Confidentiality, Integrity, Availability

Risk vs Threat

Risk

  • Likelihood x impact
  • Business exposure
  • Measured

Threat

  • Potential cause
  • Actor/event
  • May exploit

Exposure vs cause

Control Picker

  1. Need policy: Administrative
  2. Need tool: Technical
  3. Need lock: Physical
  4. Stop attack: Preventive
  5. Find attack: Detective
  6. Fix after: Corrective

CIA Triad

Confidentiality: Prevent disclosure
Integrity: Prevent tampering
Availability: Ensure access
Nonrepudiation: Cannot deny
Privacy: Personal data rights
Assurance: Confidence level

Vulnerability vs Exploit

Vulnerability

  • Weakness
  • Can be fixed
  • Scan finding

Exploit

  • Attack method
  • Uses weakness
  • Active abuse

Weakness vs use

Risk

Asset: Valuable resource
Threat: Potential cause
Vulnerability: Weakness
Likelihood: Chance
Impact: Damage
Risk: Likelihood x impact
Tolerance: Acceptable risk
Residual risk: Risk remaining

Controls

Administrative: Policies/processes
Technical: Systems/tools
Physical: Locks/guards
Preventive: Stop event
Detective: Find event
Corrective: Fix issue
Deterrent: Discourage action

IR Flow

Prepare, detect, contain, recover

Prepare, Detect, Analyze, Contain, Recover

BCP vs DRP

BCP

  • Business continues
  • Processes
  • People/sites

DRP

  • Systems recover
  • Technology
  • Restore order

Business vs systems

Incident Picker

  1. Before incident: Preparation
  2. Alert appears: Detection
  3. Scope unclear: Analysis
  4. Damage spreading: Containment
  5. Cause remains: Eradication
  6. Service restored: Recovery

Resilience Terms

BCP: Continue business
DRP: Recover systems
IRP: Handle incidents
BIA: Impact analysis
RTO: Recovery time
RPO: Tolerable data loss
MTD: Max downtime
Tabletop: Discussion test

Incident Response

Preparation: Get ready
Detection: Find event
Analysis: Confirm scope
Containment: Limit damage
Eradication: Remove cause
Recovery: Restore service
Lessons learned: Improve process

Access Flow

Identify, authenticate, authorize, account

ID, AuthN, AuthZ, Logs

Authentication vs Authorization

Authentication

  • Proves identity
  • Password/MFA
  • Before access

Authorization

  • Grants permissions
  • Roles/rights
  • After identity

Who vs what

Access Picker

  1. User claims name: Identification
  2. Verify user: Authentication
  3. Grant access: Authorization
  4. Track actions: Accountability
  5. Job-based access: RBAC
  6. Label access: MAC

Access Basics

Identification: Claim identity
Authentication: Prove identity
Authorization: Grant permissions
Accountability: Trace actions
MFA: Multiple factors
SSO: One login
Federation: Trusted identity
Provisioning: Create access

Access Models

DAC: Owner decides
MAC: Label based
RBAC: Role based
ABAC: Attribute based
Least privilege: Minimum access
Separation of duties: Split power
Need to know: Business need

Network Controls

Firewall filters; IDS alerts; IPS blocks

Firewall, IDS, IPS, VPN

IDS vs IPS

IDS

  • Detects
  • Alerts
  • Out-of-band

IPS

  • Prevents
  • Blocks
  • Inline

Alert vs block

Network Picker

  1. Filter packets: Firewall
  2. Detect only: IDS
  3. Block attack: IPS
  4. Remote tunnel: VPN
  5. Separate users: VLAN
  6. Public services: DMZ

Network Basics

TCP: Reliable transport
UDP: Fast transport
IP: Addressing
DNS: Name resolution
DHCP: Assign addresses
NAT: Translate addresses
VLAN: Logical segment
DMZ: Public segment

Network Controls

Firewall: Filter traffic
IDS: Detect intrusions
IPS: Block intrusions
VPN: Encrypted tunnel
NAC: Control access
Proxy: Intermediary
WPA3: Wi-Fi security
Segmentation: Limit spread

Hash vs Encryption

Hash

  • One-way
  • Integrity
  • Fingerprint

Encryption

  • Reversible
  • Confidentiality
  • Key needed

Verify vs hide

Operations

Classification: Data label
Encryption: Protect secrecy
Hashing: Verify integrity
Backup: Recover data
Hardening: Reduce attack surface
Patching: Fix flaws
Logging: Record events
Awareness: Train users

Common Traps

AuthN vs AuthZ

AuthN proves identity; AuthZ grants rights

IDS vs IPS

IDS alerts; IPS blocks

Hash vs encrypt

Hash checks integrity; encryption hides data

BCP vs DRP

BCP keeps the business running; DRP restores systems

Risk formula

Risk needs likelihood and impact; a threat is only the potential cause

Least privilege

Minimum access; review regularly

Last Minute

  1. Weights: 26 / 10 / 22 / 24 / 18
  2. CAT items: 100-125
  3. Passing grade: 700/1000
  4. CIA = confidentiality/integrity/availability
  5. AuthN = prove identity
  6. AuthZ = grant permissions
  7. IDS alerts; IPS blocks
  8. BCP business; DRP systems
  9. Hash integrity; encryption secrecy
  10. New outline starts Sep 1 2026