Domain Map and Time Allocation
Key Takeaways
- The current CC outline has five weighted domains: Security Principles, BC/DR/IR, Access Controls, Network Security, and Security Operations.
- Security Principles is the largest domain at 26%, followed by Network Security at 24% and Access Controls at 22%.
- Study time should follow both domain weight and personal weakness, not a flat equal split.
- Security Operations and BC/DR/IR are smaller by weight but often connect to realistic incident and continuity scenarios.
- A useful weekly plan mixes reading, scenario review, recall drills, and timed questions.
Current CC Domain Weights
The CC exam is organized around five domains. Domain weights should shape your study plan because they show how much exam emphasis each area receives. They should not become blinders. A smaller domain can still decide a scenario if the question is about incident reporting, continuity, or disaster recovery.
| Domain | Name | Exam weight |
|---|---|---|
| 1 | Security Principles | 26% |
| 2 | Business Continuity, Disaster Recovery, and Incident Response Concepts | 10% |
| 3 | Access Controls Concepts | 22% |
| 4 | Network Security | 24% |
| 5 | Security Operations | 18% |
Security Principles is the largest domain. It establishes the language of the exam: confidentiality, integrity, availability, governance, risk, ethics, privacy, and assurance. Network Security and Access Controls are close behind, so you should expect many practical questions about securing communication paths, controlling identity, and limiting access. Security Operations connects daily work to monitoring, awareness, physical security, and change discipline. BC/DR/IR is the smallest domain, but it is highly practical because organizations must respond to disruptions in an orderly way.
Time Allocation Example
If you have 60 focused study hours, a first-pass allocation could look like this:
| Domain | Weight | Approximate study hours |
|---|---|---|
| Security Principles | 26% | 16 |
| BC/DR/IR Concepts | 10% | 6 |
| Access Controls Concepts | 22% | 13 |
| Network Security | 24% | 14 |
| Security Operations | 18% | 11 |
This allocation is a starting point. After a diagnostic quiz, move hours toward weak areas. If you already understand CIA, authentication, and policy, but you miss network segmentation and secure protocols, shift time from Domain 1 to Domain 4. If you work in IT support and know networks, but policy and incident concepts are new, move time toward Domains 1 and 2.
What Each Domain Feels Like in Questions
| Domain | Common scenario style |
|---|---|
| Security Principles | Choose the security goal, ethical response, assurance concept, or risk-aware control |
| BC/DR/IR | Put response steps in order, identify continuity terms, or choose escalation actions |
| Access Controls | Match identity, authentication, authorization, least privilege, and account lifecycle controls |
| Network Security | Identify secure protocols, segmentation, common attacks, and defensive placement |
| Security Operations | Select monitoring, awareness, change, logging, backup, and physical protection practices |
Weekly Mix
A strong week does not mean reading one domain from start to finish and forgetting it. Mix four activities:
| Activity | Purpose |
|---|---|
| Read and annotate | Build vocabulary and concept boundaries |
| Scenario review | Convert terms into workplace decisions |
| Recall drills | Make high-yield facts fast, such as domain weights and control categories |
| Timed questions | Practice pacing and pressure |
Scenario: Rebalancing by Evidence
A candidate studies 20 hours and takes a mixed review. They score well on definitions but miss questions about choosing the first incident response action and distinguishing authentication from authorization. Their next week should not simply follow the original table. They should add incident order practice, account lifecycle scenarios, and access control examples. Domain weights guide the plan, but missed questions tell you where the next study hour has the highest return.
Treat the domain map like a budget. Spend most of your time where the exam spends most of its weight, but reserve enough flexibility to repair weak decisions before test day.
Match each current CC domain to its exam weight.
Match each item on the left with the correct item on the right
A candidate has 60 study hours and no diagnostic data yet. Which allocation is most defensible?
Which activities belong in a healthy weekly CC study mix? Select all that apply.
Select all that apply