
Hi, my name is Anél Henning, and welcome to this course on the ISC2 Certified in Cybersecurity exam — also known as the CC. I hold a Bachelor of Fine Arts in Graphic Design from the Maryland Institute College of Art, a Bachelor of Science in Computer Science, and I am completing my Master of Science in Cybersecurity at Purdue Global University. I also hold a HIPAA Business Associate Certification and I am a member of ISC2, ISACA, and IEEE Women in Engineering.
The five domains.
The exam tests you across five knowledge domains. These domains are also the five sections of this course.
Domain 1 is Security Principles — this covers the CIA Triad, risk management, governance, and ethics. It carries the most weight at 26% of the exam.
Domain 2 is Business Continuity, Disaster Recovery, and Incident Response Concepts — worth 10%.
Domain 3 is Access Controls Concepts — worth 22%.
Domain 4 is Network Security — worth 24%.
Domain 5 is Security Operations — worth 18%.
Let me give you one quick memory tip. CIA — think of it like the security of a safe. Confidentiality is the lock. Integrity is knowing nothing inside has been tampered with. Availability is knowing you can open it when you need to.
A quick memory device: A-T-M-A — Avoid, Transfer, Mitigate, Accept. Think of an ATM — you use it to manage your money, just like you use these strategies to manage your risk.
In this lecture I walk you through the CIA Triad and Risk Management Quiz before you attempt it. We review the three CIA principles, the DAD Triad mirror image, the four risk treatment strategies, and the Risk Register — then work through the reasoning process for applying each concept to scenario-based questions. By the end of this walkthrough you will know how to identify which CIA principle is under attack in any scenario, how to distinguish between the four risk responses, and how to eliminate wrong answers quickly under exam conditions. Domain 1 carries the highest exam weight at 26 percent — this quiz confirms you are ready to move forward.
Five takeaways before you move on.
One — three factor categories: Know, Have, Are. K-H-A.
Two — MFA requires factors from different categories. Same category twice is not MFA.
Three — 2FA is MFA with exactly two categories.
Four — SSO is an access mechanism, not a factor.
Five — strong authentication always combines categories. Weak authentication relies on only one.
This topic appears throughout the entire CC exam — in Domain 3, in scenario questions, and in access control policy questions. Know it cold.
In the next section we go deeper into access control models — the rules that determine what authenticated users are actually allowed to do once they are inside a system.
Great work. Keep going.
In this lecture I walk you through the PICERL Scenario Worksheet before you attempt it independently. We review the six phases of the NIST Incident Response Lifecycle, establish what correct decision-making looks like at each phase, and work through the opening stage of the ransomware scenario together. By the end of this walkthrough you will know exactly what the worksheet expects, how to structure your written responses, and how to think through incident response decisions the way a real security analyst would. This is the most practical assignment in the course — treat it seriously and it will prepare you for scenario questions throughout the CC exam.
There are three categories of authentication factors, and you need to know all three cold.
Factor 1 — Something You Know.
This is the most common type of authentication. Passwords, PINs, security questions, passphrases — anything that exists in your memory. It is the oldest form of authentication and also the weakest on its own, because knowledge can be stolen, guessed, or shared.
Factor 2 — Something You Have.
This is a physical object in your possession. A smart card, a hardware token, a key fob that generates a one-time code, or your smartphone receiving an authentication app push notification. The assumption is that an attacker cannot authenticate as you unless they physically have your device.
Factor 3 — Something You Are.
This is biometric authentication — your fingerprint, face scan, iris pattern, voice recognition, or even your typing rhythm. These are tied to your physical body and are the hardest to replicate, though not impossible.
In this lecture I walk you through the Authentication Factors Quiz before you attempt it. We review the three factor categories, clarify the most common exam mistakes around MFA, and work through the reasoning process for distinguishing between Single-Factor, 2FA, MFA, Passwordless, and SSO. By the end of this walkthrough you will know not just the correct answers but how to eliminate wrong options quickly under exam conditions. Authentication factors appear throughout the entire CC exam — in Domain 3 questions, in access control scenarios, and in security policy questions. This walkthrough ensures you approach the quiz with confidence and the right mental framework.
When you see an authentication scenario on the CC exam, ask yourself one question: Is this something in the person's memory, something in their hand, or something on their body? Memory = Know. Hand = Have. Body = Are. That single question will get you to the right answer every time.
Self-Assessment Quiz 10 Ungraded
CIA Triad & Risk Management Quiz 10 Graded
PICERL Scenario Worksheet 10 Self-graded
Authentication Factors Quiz 10 Graded
Are you ready to start your cybersecurity career? I am ready to teach you as a one-on-one tutor or professor, all online! The ISC2 Certified in Cybersecurity (CC) certification course will give you the confidence to pass the exam within four weeks. This course is structured for beginners and aligned with the trusted Sybex CC Certification Guide. The five domains are broken into six to seven chapters, and each lecture will have a quiz afterwards. The contents at a glance cover the five domains in easy-to-understand lessons. The course is designed for entry-level IT cybersecurity: it strengthens your security knowledge or prepares you for your first industry certification. You will learn what employers expect, for example specific security principles, access control, network security, incident response, and security operations. I will try to use real examples to address each domain as accurately as possible. I can also provide PDFs, which I plan to chunk into small bite-size notes for memorization. I also offer additional one-on-one tutoring hours if the student requires further assistance. We will be using the ICC Certified in Cybersecurity Study Guide by Mike Chapple, published by Sybex, a Wiley brand.