Towards the tail-end of studying for the CompTIA A+ certification at the end of 2022, a new certification caught my attention.
The International Information System Security Certification Consortium, or (ISC)2, is an organization that was founded in 1989 that started with a need for training and standardizing computer security. They are mostly known for the CISSP, an advanced cybersecurity certification.
The study materials? (ISC)2 has an online, self-guided course with the option to buy a $20 ebook. When finished with the slides, videos, reading, and quizzes from the free online training, a certificate is earned (see above). With this initiative, they offered (at least at the beginning of 2023) a free exam voucher for the CC cert. The exam typically costs $199.
The exam consists of 100 multiple-choice questions with a maximum of two hours to complete. There are five major topics covered on the exam: Security principles, business continuity, disaster response and business continuity, access control concepts, network security, and security operations.
Studying for the exam took me about two months. The studying may have gone faster for me if I wasn’t also studying for the Core 2 of the CompTIA A+ exam. Luckily, some of the concepts covered in the CC exam were things I have already studied. The training from (ISC)2 really helped reinforce the topics.
I was glad to find out that I passed after completing the exam, though they do not tell you the score. A passing grade is 70% or higher.
I received an email the following day with a link to pay for the $50 annual membership fee and then obtain the certification. The request for payment before getting the cert slightly threw me off as that wasn’t something I expected even though I expected to pay for it anyway. The annual membership fee isn’t large compared to other professional organizations.
Is it worth it to get the CC?
If you are starting off in IT and have a desire to get into cybersecurity, I think it’s worth it to display some basic cybersecurity competency. The benefits of membership open doors for continued training and growth.
Like many certifications in IT, continuous training is needed during the three-year lifespan of the cert. A CC holder is asked to obtain 45 continuing education credits in three years with many ways to obtain credits. Those may include webinars, in-person training, Skill-Builders, etc.
I can not remember the name of the YouTube cybersecurity person who said the following, but it stood out to me: Chase the knowledge, not the certifications. If studying for the certs helps to bring the knowledge, that’s great. I felt that the CC helped reinforce those principles.
Always learn, and never stay comfortable.