avatarCyber Sam

Summary

The author shares their experience in obtaining the ISC2 Certified in Cybersecurity (CC) certification, detailing the preparation process, exam requirements, and post-certification obligations.

Abstract

The author describes their journey to successfully pass the ISC2 Certified in Cybersecurity (CC) certification, a free introductory certificate recommended by their employer. The process included signing up for an online course and exam voucher in October 2023, completing the course, and passing the exam with a score of 70% or higher in December of the same year. The certification requires answering 100 multiple-choice questions within 2 hours. The author utilized the ISC2 course content, additional free online practice questions, and a Udemy course covered by their employer to prepare. Despite some challenges, such as the requirement to physically attend a Pearson Vue test center and a subsequent annual membership fee of $50 to receive the certificate, the author found the exam time ample and the questions reasonable. Post-certification, the author learned of the need to maintain certification with Continuing Professional Education (CPE) credits, requiring 15 credits annually over a 3-year cycle.

Opinions

  • The author found the ISC2 course content and practice questions helpful but notes they were not as difficult as the actual exam questions.
  • The requirement to travel to a test center was seen as inconvenient, especially for those not living in major cities.
  • The author was initially under the impression that the certification would be entirely free, expressing surprise at the annual membership fee required to obtain the certificate.
  • Despite the unexpected costs and ongoing CPE credit requirements, the author seems to regard the CC certification as a valuable addition to their cybersecurity qualifications.
  • The author suggests that the certification is a good starting point for individuals interested in cybersecurity or looking to enhance their skills, but they also highlight that it is not entirely free due to the membership fee and the potential need for paid preparation resources.
  • The author appreciates the company's support in covering the membership fee and providing access to free Udemy courses for exam preparation.

My Experience Passing the “FREE” ISC2 Certified in Cybersecurity (CC) Certification

This is a quick run down of this free cybersecurity certification from ISC2. A great introductory certificate for anyone interested in cyber or wants to improve their existing cyber skills. The company I work for recommended I take the exam to get me up to speed with cybersecurity. This article will detail what I did to pass the cert including resources. I would like to caveat that the certificate is not entireley free.

In terms of start to finish for myself , I signed up for a free account with ISC2 at the beginning of October 2023 which includes a free self paced online course and voucher code for a free exam. I passed the exam at the beginning of December of the same year, and received my Certificate a week later.

For the exam there are 100 multiple choice questions which you have 2 hours to answer and require 70% or more to pass.

1- Course Content

There is an online training program run by ISC2 which is a combination of articles, videos and podcasts that coverthe topics that will be contained in the final examination questions. There are end of section multiple choice questions and “mock” practice exams at the beginning and end of the course. I will caveat whilst these were the only exam style questions available from within the ISC2 course they were not to the same standard of difficulty that appeared on the exam.

2- Exam Preparation

For myself I completed the course as quickly as I could and then shopped around on the internet for some free questions that I could take. I settled on the following options

https://www.udemy.com/course/master-the-cc-exam-become-certified-in-cybersecurity/

I have included the paid course because my firm has free udemy accounts for all employees and this was one that was available to me.

From reddit I noticed that a lot of other people who have taken the exam took a few of the paid Udemy courses that were on offer. However, like any multiple choice exam I was better off taking some notes from the main course and then just plowing through as many exams as possible. I think I answered around 900–1000 multiple choice questions before doing the exam, and from what I read online that was not a lot of preparation.

3- The exam

ISC2 use Pearson Vue, as do most professional standards bodies. However, unlike my most they require you to travel to a test centre as they want to crack down on cheating. I understand the logic, but as most test centres don’t carry ISC2 exams near me I had to travel to quite literally the middle of nowhere to take this exam. So be prepared for this, unless you live in a major city.

I would have taken the exam sooner to completing the course, however, the location the closest exam centre and available dates (only 2 Tuesdays a month were on offer for me) limited me to waiting about a month before I could take the exam.

The exam consists of 100 multiple choice questions that requires a pass mark of 70%. Questions cover anything on the course and are usually definition based or situational based. For myself there were a few questions that jumped up which required me to fall back on my general knowledge of IT and cyber security rather than what I recalled from the course, so be prepared for this.

Ther time limit to complete is 2 hours and I found this more than enough. I only required 45 minutes and to put it into perspective I used to receive 25% extra time at school and university examinations.

4- Getting your certificate

After completing the exam I thought I’d get a nice email straight away with a link attached to a certificate that I could immediately post to LinkedIn. However, to my surprise there is a catch — No such thing as a free lunch — you are required to attest to the ISC2 code of ethics and then pay an annual membership fee of $50 (£39.90) before receiving your certificate.

The attestation is a quick online tick box to say you adhere to the code of ethics presented by ISC2. Once completed this takes a couple of days to be confirmed.

After that I was emailed to say my attestation was approved and that I could now pay the $50 membership fee. I paid straight away and this put me in the one year membership bracket from Jan 2024 to Dec 2024 which was nice of them.

Luckily for me the company I work for covered the fee. Also, if you want to complete any of the other professional exams they offer like SSCP or CISSP, not only are there fees with those (course and exam), but the membership goes up to $129.

After all this I could go to my profile on my ISC2 account and download a pdf of the certification and post to my LinkedIn, which was all i really wanted in the first place. Your certificate will look like the below:

​​

This is not mine, I found this on Google Images

5- Ongoing

You thought that was it for this cert, think again.

In order to retain your certification, ISC2 requires you to complete Continuing Professional Education (CPE) credits over 3 year cycles. Don’t worry I’m still trying to get my head around this. From what I gather these are earned through ongoing commitment to the field by attending events like trainings, seminars, or producing content like publishing articles. I understand the logic behind this but lets be honest this is for an introductory certification. Luckily for the CC it’s only 15 credits a year, so 45 required at the end of the 3 years to retain the cert. Once you’ve completed one of these actions to receive the CPE credits you must populate them on your ISC2 account.

For a full breakdown of how this works see the following link: CPE Handbook

6- Conclusion

I was naive enough to just see a free cybersecurity exam and dedicated some time before understanding the requirements. So on that note I hope you now understand that there are a few barriers before gaining this certificate, mainly traveling to a test centre and paying for an annual membership fee. Here are my final thoughts on the pros and cons of this certification to help you decide whether this is the right cert to pursue:

Thank You

I hope you enjoyed this article. I aim to write further about cybersecurity, so please consider following me and giving this article a 👏

Isc2
Certifiedincybersecurity
Cybersecurity Certificate
Cybersecurity
Cyber Training
Recommended from ReadMedium
avatarSIMKRA
Black Basta Playbook Chat Leak

The ultimate Testing-Threat Hunting-Detection-Engineering- Workflow-Playbook-Incidents-Response-Plan

34 min read
avatarTaimur Ijlal
Why Are Cybersecurity Professionals Losing Their Jobs In 2025 ?

Layoffs Do Not Define You. How To Keep Moving Forward

5 min read
avatarVery Lazy Tech 👾
Hacking Routers & IoT Devices with Routersploit: A Detailed Cheat Sheet

In the realm of cybersecurity, Routersploit is a powerful tool that ethical hackers and penetration testers rely on to target…

4 min read
avatarKhaleel Khan
cURL for Bypassing WAF: Advanced Techniques & Commands Every Hacker Should Know

Web Application Firewalls (WAFs) are designed to protect web applications from common web-based attacks like SQL injection, Cross-Site…

4 min read
avatarHarshad Shah
Cybersecurity Roadmap 2025

How to start cybersecurity in 2025?

6 min read
avatarZudonu Osomudeya
How to Learn DevOps or Any Tech Skill While Working a Full-Time Job

DevOps Road Map 2025

5 min read