As a bachelor’s student with a background in Java programming, I recently passed the ISC2 CC certification exam and want to share my experience. I’m aiming to enter the cybersecurity field, and upon discovering the ISC2 1M CC program, I decided to seize the opportunity.

First, let’s discuss the online self-paced course. The course’s environment and UI/UX design are excellent and user-friendly. However, the teaching methodology didn’t meet my expectations as I usually prefer video courses with hands-on experience. This might vary for others, though. In this course, you’ll delve into theoretical concepts and definitions of cybersecurity. While it may not enhance your technical skills, it’s an excellent choice for beginners. It provided me with a clearer understanding and better categorization of concepts, despite already knowing about 50% to 60% of the material (a pre-assessment test which is available, where I scored around 73%, helps gauge your knowledge). However, I discovered new professional and academic terminologies and learned about specific differences I was previously unaware of. Overall, it’s a beneficial course, especially if your knowledge is below the CompTIA Network+ level. If your knowledge aligns with or surpasses Network+, aiming for CompTIA Security+ might be more suitable.

Regarding the exam, it consists of 100 questions, including 25 unscored ones (you won’t know which, so answer all carefully). You have 120 minutes to complete it, but the questions are straightforward, allowing me to finish in 50 minutes. Here’s how I prepared:

I strongly recommend focusing on the official ISC2 material, as it’s comprehensive enough to pass the exam by understanding the concepts (for additional queries, ISC2 responds via email, but I found using GPT for further explanations quicker and easier). When studying, don’t get lost in minor details; aim to grasp the broader picture and its rationale. The concepts are logical, so applying critical thinking is crucial. Although I believe revisiting the course material is unnecessary (at least for me, I don’t like repeating) if grasped well initially, I supplemented my preparation with two practice tests from LinkedIn Learning (four are available), a beneficial strategy. Additionally, LinkedIn Learning and StationX offer video courses for those seeking extra training.

Exam Tips:

1. Memorizing abbreviations and acronyms isn’t essential, as the exam provides full names. However, if possible, familiarizing yourself with them can be helpful.
2. You’ll encounter questions not covered by the ISC2 course material (e.g., ping flood for me). Don’t worry; use logic to answer these. They are those 25 questions that I mentioned.
3. Once you answer a question, you can’t return to it, so choose carefully but also manage your time efficiently. Guess the best option when unsure, as there’s no penalty for incorrect answers.
4. The exam may ask about the same term in different ways, so understanding each term thoroughly is beneficial (ISC2 flashcards can aid in this). You can lose 2 or 3 question by just forgetting one term!
5. Preparation time varies by individual (it took me about 20 hours), and I recommend taking the exam when consistently scoring above 85% on practice and ISC2 final assessments. Remember, failing the exam requires a $200 fee, and you must wait a month before retaking it.

I hope this helps, and I’ll share some review content here for further preparation. If you have any questions, don’t hesitate to ask.