Hey everyone! ISC2 is still offering their free online self-paced training courses and a free exam at the Pearson VUE Test Center. I’d say that the exam is easy-moderately difficult with some questions that make you think hard. Here you’ll find the roadmap I used to study for the exam.
Exam essentials
- CC includes 100 multiple-choice questions to be completed in 2 hours. The passing grade is 700 out of 1000 points.
- The CC exam can only be taken at the Pearson VUE Testing Center, where 2 different IDs are required during check-in.
- During the exam, you are unable to skip questions or revisit previously answered ones.
- Only the first attempt of the exam is free! During my exam, I found some of the questions challenging. So, I highly recommend preparing thoroughly before taking the attempt.
- After passing the exam, a $50 annual maintenance fee is required to be certified.
CC Domains
Domain 1: Security Principles (26%)
Domain 2: Business Continuity, Disaster Recovery, and Incident Response (10%)
Domain 3: Access Control Concepts (22%)
Domain 4: Network Security (24%)
Domain 5: Security Operations (18%)
My study process
- First, it took me around 7 days to go through the online self-paced training courses provided by ISC2.
- I discovered this GitHub repository that had a lot of notes, PDFs and flashcards for the exam.
- I also watched this entire YouTube playlist by Prabh Nair. I love how he explained questions in detail with proper reasoning for each one of them.
- Another great resource for practice questions is this playlist by Certification Terminal. These are slightly longer videos but do cover a lot of practice questions in depth.
- Then, I took this short course/ test on Coursera, which helped me understand the weightage of each domain and exam objectives, along with exam strategies. The graded 3-hour quiz is meant to simulate a real CC exam, but you’d have to pay for the course to get it. The 1-hour ungraded quiz is free, and I took that.
- I turned to LinkedIn Learning to do these practice exams to further reinforce my learning. They were a bit different from the ones provided by ISC2. Just select “Launch Practice Test” on the left of the screen to start them. They are proper 2-hour tests so my recommendation is to take the timed version and do at least 1 per day.
Optional: You can take Mike Chapple’s LinkedIn learning course for CC which has a lot of excellent reviews but since I don't have LinkedIn premium, I couldnt use the resource. However his notes are available free of cost which can be accessed here
Conclusion
If you can get a score of around 80%+ on the practice tests, I'm confident you can pass the CC exam with little to no difficulty. I felt the free course material provided by ISC2 was not enough to prepare for the exam. I’d suggest candidates study from the material provided above or study each domain in depth from various resources available freely. Having a background in cybersecurity does help pass the test but you should be fine self-studying