Certified in Cybersecurity (CC) Practice Test
Prepare for the ISC2 Certified in Cybersecurity exam with free practice tests aligned to the real CC format. Each test has 20 questions with a proportional timer matching the actual exam pace of 1.2 minutes per question.
Mixed Set — Certified in Cybersecurity (CC) Practice Tests
Questions distributed across all 5 domains according to the official ISC2 CC exam blueprint. The highest-weighted domain — Security Principles — appears most frequently, just like the real exam.
Domain Wise — Certified in Cybersecurity (CC) Mock Tests
Target individual CC domains with focused practice. Each mock test covers 20 questions from a single domain to help you build mastery across every area of the ISC2 Common Body of Knowledge for entry-level cybersecurity.
About the Certified in Cybersecurity (CC) Exam
Everything you need to know about the CC exam format, who it is for, and why the ISC2 Certified in Cybersecurity credential is one of the best entry points into a professional cybersecurity career.
What Is the Certified in Cybersecurity (CC)?
The ISC2 Certified in Cybersecurity (CC) is an entry-level cybersecurity certification designed for individuals starting their security career — including career changers, recent graduates, IT professionals transitioning into security, and those with no prior cybersecurity experience. Launched by ISC2 as part of their One Million Certified in Cybersecurity (1MCC) initiative, the CC was created to help address the global cybersecurity workforce gap by making a credible, ANAB-accredited certification accessible to a broad audience.
The CC validates foundational knowledge across five core domains: Security Principles, Business Continuity and Incident Response, Access Controls, Network Security, and Security Operations. It is recognized globally and backed by ISC2 — the world's largest cybersecurity professional organization. Holders qualify for entry-level roles including SOC Analyst (Tier 1), Junior Security Analyst, IT Support Specialist with a security focus, Cybersecurity Technician, and Junior Security Consultant. The CC also serves as a natural stepping stone toward advanced ISC2 certifications such as the SSCP and CISSP.
Exam Format (2026)
Testing method: Computerized Adaptive Testing (CAT) at authorized Pearson VUE testing centers worldwide. Moved to CAT format globally in October 2025.
Questions: 100 multiple-choice questions.
Duration: 2 hours (approximately 1.2 minutes per question).
Question types: Multiple-choice with a single correct answer per question. No back-navigation — answers are final once submitted.
Passing score: 700 on a scaled score of 1,000 points.
Exam fee: $199 USD standard; free for eligible candidates through ISC2's One Million Certified in Cybersecurity (1MCC) program.
Eligibility Requirements
Prerequisites: None. The CC has no formal prerequisites and is open to anyone regardless of experience level or educational background.
Work experience: Not required. The CC is specifically designed for individuals without prior cybersecurity work experience.
Free program eligibility: Through ISC2's 1MCC initiative, candidates who are not already ISC2-certified can access free online self-paced training and one free exam attempt. Visit isc2.org/landing/1mcc to enroll.
Certification application: After passing, submit your application and agree to the ISC2 Code of Ethics within 9 months. No endorsement from another ISC2 member is required for the CC.
Renewal: Pay an Annual Maintenance Fee (AMF) of $50 per year to keep the certification active. Note: A new CC exam outline takes effect September 1, 2026 — check the official ISC2 site if your exam is near or after that date.
CC Domain Weights — Current Exam Outline
The CC exam tests knowledge across five entry-level cybersecurity domains. Security Principles carries the most weight at 26%, making it the highest-priority study area along with Network Security (24%) and Access Controls Concepts (22%).
| Domain | Topic | Weight |
|---|---|---|
| Domain 1 | Security Principles | 26% |
| Domain 2 | Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts | 10% |
| Domain 3 | Access Controls Concepts | 22% |
| Domain 4 | Network Security | 24% |
| Domain 5 | Security Operations | 18% |
How Our Practice Tests Are Designed
Entry-level scenario style — Every CC practice question is written to match the conceptual and scenario-based style used in the actual ISC2 exam. You are tested on your ability to apply fundamental cybersecurity knowledge to realistic situations — choosing the correct access control model for a scenario, identifying the right network security device, or selecting the appropriate incident response step — rather than simply recalling definitions.
Blueprint-aligned mixed sets — Mixed practice tests distribute questions proportionally across all 5 CC domains per the official ISC2 exam outline. Domain 1 (Security Principles) at 26% and Domain 4 (Network Security) at 24% appear most frequently, reflecting the real exam's weighting so your practice mirrors actual exam conditions.
Proportional timer — The real CC exam allows 2 hours for 100 questions, approximately 1.2 minutes per question. Each 20-question practice test is timed at about 24 minutes to match this pace and build the time discipline needed on exam day.
Domain-specific deep dives — Use the five domain-wise tests to concentrate on areas where your preparation needs the most reinforcement. This targeted approach is especially valuable for candidates who are stronger in one area (such as network security) but need additional work in others (such as access control models or BC/DR concepts).
CC Exam Preparation Tips
Study Strategy
Start with the free ISC2 self-paced training: ISC2 provides free online self-paced training for CC candidates through the 1MCC program. This official course is aligned directly to the exam outline and is the most accurate study resource available. Use it as your primary foundation before supplementing with practice tests.
Prioritize Domains 1, 3, and 4: Security Principles (26%), Access Controls (22%), and Network Security (24%) together make up 72% of the exam. Ensure you have a strong grasp of the CIA triad, access control models, and OSI/TCP-IP concepts before focusing on the lower-weight domains.
Understand concepts, not just definitions: The CC exam tests application of knowledge. Study each concept by asking "How would this apply in a real scenario?" — such as which type of control to implement, or what the first step of the incident response process would be in a given situation.
Test-Taking Strategy
No going back in CAT: The CC moved to Computerized Adaptive Testing in October 2025. Once you submit an answer, you cannot return to it. Read each question carefully, commit to your best answer, and move forward — do not leave any question unanswered hoping to return.
Pace yourself at 1.2 minutes per question: With 100 questions in 2 hours, you have roughly 72 seconds per item. Use our 24-minute timed practice sessions to internalize this rhythm. Candidates who underestimate the pace often find themselves rushing through the final 20 questions under pressure.
Eliminate distractor answers systematically: CC questions often include two clearly wrong answers and two plausible ones. Eliminate the obviously incorrect options first, then choose the response that best fits the principle being tested — favoring answers that align with least privilege, defense-in-depth, or standard security best practices.
Frequently Asked Questions
Ready to Test Your CC Knowledge?
Start with a mixed set to measure your readiness across all five domains, then use domain-wise tests to sharpen your weakest areas before exam day.
Start CC Practice Test 1 →
