The global cybersecurity workforce gap hit 4.8 million unfilled positions in early 2026 (and ISC2 built the CC specifically to address that shortage). No experience required. No prerequisites. Often free. For anyone standing at the door of a cybersecurity career, this credential removes almost every barrier to entry.

What Is ISC2 CC Certification?

The ISC2 Certified in Cybersecurity (CC) is an entry-level, vendor-neutral credential issued by ISC2, a non-profit certifying body with over 265,000 certified members across all its programs. ISC2 launched the CC on August 31, 2022, making it one of the newest credentials in the cybersecurity space. More than 50,000 individuals had earned it by March 2024, reflecting strong early adoption.

What sets the CC apart isn’t its content (it’s its access model. ISC2’s “One Million Certified in Cybersecurity” initiative has offered free training and free exam vouchers to qualifying candidates, meaning thousands have entered the field at zero cost. The exam transitioned to Computer Adaptive Testing (CAT) on October 1, 2025, and covers five domains across a 120-minute window. A content update is scheduled for September 1, 2026, so candidates preparing after that date should confirm they’re studying the current outline at isc2.org.

The CC isn’t a career destination. It’s a deliberate launchpad into ISC2’s broader certification architecture, with SSCP and CISSP as the natural next steps.

Who Should Get ISC2 CC Certified?

Career changers with no IT background. If you’re moving from a non-technical field and want a structured, credentialed entry point into cybersecurity, the CC’s no-prerequisites model was designed for you. Expect to spend four to six weeks preparing.

Recent graduates and students. College students or recent grads who want to signal foundational cybersecurity knowledge to employers before landing their first role get real credential value here, especially while free vouchers remain available.

IT generalists transitioning to security. Help desk technicians, sysadmins, and network support staff who want to formalize their security knowledge and start targeting Security Analyst or SOC Tier 1 roles will find the exam material maps well to what they already encounter day-to-day.

Who shouldn’t pursue it: If you already have one to two years of hands-on IT or security experience, CompTIA Security+ will send a stronger hiring signal and unlocks DoD 8140-mapped roles. The CC is designed for true beginners (experienced professionals may find it redundant and should consider skipping directly to Security+ or SSCP).

ISC2 CC Exam Domains and Weights

The CC exam covers five domains, with Security Principles (26%) and Network Security (24%) carrying the most weight (those two domains alone account for half the exam). Understanding how domain weights translate to study priorities is the single most important planning decision you’ll make. The widget below shows every domain, its weight, and the topics each one tests.

ISC2 CC Exam Cost, Format, and Pass Score

The CC exam runs 120 minutes in CAT format, with a passing score of 700 on a 1,000-point scale, administered exclusively through Pearson VUE. The standard exam fee is $199, though the free voucher program through ISC2’s initiative can bring that to $0 (your total investment depends on which path you take). ISC2 has not publicly documented CC retake fees; candidates who entered through the free voucher program should check whether their voucher includes retake eligibility. The widget below breaks down every cost tier and shows the full investment range from free to boot camp.

ISC2 CC Salary and Job Outlook 2026

ZipRecruiter data from March 2026 lists a national average of $132,962 for roles that mention the ISC2 CC, but that figure reflects the full spectrum of cybersecurity professionals across all experience levels (not entry-level CC holders specifically). Entry-level roles where the CC is most relevant (Security Analyst, SOC Analyst Tier 1, Cybersecurity Trainee) typically pay in the $60,000-$85,000 range. The CC is a launchpad credential; salary growth comes from experience and stacking higher-tier certifications like Security+ or CISSP on top of it. The broader Information Security Analyst category is projected to grow 33% from 2023 to 2033 (well above average for all occupations). The salary widget shows the full landscape by role, region, and industry.

ISC2 CC Requirements: Experience and Eligibility

This is the shortest prerequisites section you’ll read for any professional certification: there are none. No work experience. No educational minimums. No prior cybersecurity knowledge required. ISC2 designed the CC explicitly for students, career changers, recent graduates, and IT professionals with no formal security background.

After passing, you become an ISC2 CC member and must pay a $50 Annual Maintenance Fee and earn 45 Continuing Professional Education (CPE) credits over each three-year certification cycle to stay current.

Unofficial estimates place the first-attempt pass rate around 70%, though ISC2 does not publish official statistics.

The honest difficulty assessment: “entry-level” is accurate for the content, but not for the exam experience. The most common failure modes are underestimating the exam’s conceptual rigor, over-relying on the official training as the sole resource, and memorizing definitions instead of understanding how to apply them. ISC2’s CAT format tests whether you can reason through scenarios, not just recall terminology. Plan accordingly.

Timeline expectations: complete beginners with no IT background should budget four to six weeks at one to two hours daily. Candidates with existing IT knowledge can often be ready in two weeks.

How to Study for ISC2 CC: Resources and Plan

Most candidates need 30-50 hours of total study time, though your background determines whether that’s two weeks or six. The core decision is whether to rely on ISC2’s free official training alone (which most candidates supplement), add a structured Udemy course, or invest in a boot camp. The resource navigator and study plan builder below give you the full picture.

What Changed in the ISC2 CC 2025 Update

The most significant structural change to the CC took effect October 1, 2025: ISC2 converted the exam to Computer Adaptive Testing (CAT). The format now delivers 100–125 questions within the same 120-minute window, and the difficulty of each question adjusts based on your responses. This change affects how you experience the exam (not what it tests. Domain weights and content coverage were unchanged.

The next substantive content update (driven by a Job Task Analysis (JTA)) is scheduled for September 1, 2026. ISC2 hasn’t published specific domain or topic changes for that version yet. If you’re preparing close to that date, verify you’re studying the active outline at isc2.org before purchasing materials.

Study materials published before October 2025 cover the right content but were written for a linear exam format. They remain relevant for content review, but complement them with CAT-specific practice to get comfortable with adaptive question delivery.

How AI Is Changing Cybersecurity Careers

AI is reshaping entry-level cybersecurity work in a specific, concrete way: it’s automating the repetitive bottom layer of SOC work (alert triage, log review, routine investigations) while pushing human analysts toward faster promotion into higher-complexity tasks. Some analysts predict the Tier 1 SOC analyst role could eventually be absorbed by AI tooling. Others expect AI to generate new categories of entry-level roles in AI security monitoring and model governance.

What this means for CC candidates: the foundational skills the exam validates (understanding access controls, recognizing threat patterns, following incident response protocols) aren’t being automated. They’re the prerequisites for working alongside AI tools effectively. The CC’s framework gives you the conceptual grounding to grow into that environment.

The practical implication: don’t stop at the CC. Professionals who layer hands-on experience and a next-tier credential (Security+, SSCP, or CCSP for cloud) onto the CC’s foundation are well-positioned for the AI-augmented security landscape. Holding the CC in isolation without progression is the real risk.

Is ISC2 CC Worth It in 2026?

Yes (if you have no prior cybersecurity background and want a credentialed, structured entry point, especially while free vouchers remain available). The top competitor is CompTIA Security+, which signals more strongly for hands-on roles and DoD-mapped positions but requires more preparation and assumes some existing IT experience. The comparison widget shows both side by side across the metrics that actually matter.

How to Get ISC2 CC Certified: Step by Step

1. Assess your background. No prerequisites required (start regardless of experience level).
2. Check the free program. Visit isc2.org/landing/1mcc to determine if free training and an exam voucher are still available to you.
3. Study for 30–50 hours. Use ISC2’s official training plus a Udemy course or practice exam set to go beyond surface-level recall.
4. Schedule through Pearson VUE. Exams are administered at test centers only (no online proctoring).
5. Pass with a 700/1000. After certification, pay the $50 annual maintenance fee and plan your CPE credits across the three-year cycle.
6. Plan your next credential. Target SSCP, Security+, or a specialized ISC2 track before the CC’s signal fades on its own.

The ISC2 CC is the most accessible credentialed entry point into cybersecurity available today. If you’re starting from zero, there’s no better first step (and the ISC2 official certification page has everything you need to register). For deeper guidance on the ISC2 certification path, the TechJacks cybersecurity hub covers the full ladder.

GAIO Compliance Notice

This article was produced under GAIO Integrity Lock (v1.0). All salary figures, exam fees, domain weights, and growth projections are cited to their source. Data points drawn from blocked sources (Cert Empire, Crucial Exams) have been omitted. ZipRecruiter URLs in the phase data were flagged as Google Vertex AI grounding redirects and are labeled for human validation. No statistics have been fabricated, rounded beyond source precision, or extrapolated from unverified data. The retake fee for the CC exam was not available in the source data and is not stated in this article (verify directly at isc2.org).

Reference Resource List

1. ISC2 Certified in Cybersecurity (CC) Official Certification Page
2. ISC2 CC Exam Certification Outline
3. ISC2 One Million Certified in Cybersecurity Program
4. ISC2 2025 Cybersecurity Workforce Study
5. ISC2 Global Certification Salary Insights (May 2024)
6. ISC2 Certifications and DoD 8140 Approval (November 2024)
7. ZipRecruiter (ISC2 Certified in Cybersecurity Jobs
8. Udemy (Complete CC Course by Thor Pedersen
9. Udemy (CC Exam Prep Course 2026
10. Udemy (CC Full Practice Exams by Carreira and Miranda
11. Prabh Nair CC Playlist (YouTube
12. LinkedIn Learning (ISC2 CC Topics
13. Infosec Institute (Entry-Level Security Certifications
14. Training Camp (ISC2 CC Boot Camp

Continue Reading

• Browse All 24 IT Certifications — compare exams, salaries, and career paths side by side
• All ISC2 Certifications — see every ISC2 credential in one place
• ISC2 CISSP — the flagship credential CC is designed to lead into
• ISC2 CCSP — cloud security track for CC holders interested in cloud roles
• ISC2 SSCP — practitioner-level next step with deeper technical depth
• CompTIA Security+ — the most common entry-level alternative to CC
• CompTIA A+ — foundational IT credential for those starting from zero