ISC2 · Official Blueprint · Last reviewed May 2026
The official ISC2 CC exam covers 5 domains. The vendor does not publish percentage weights for these domains — treat each as an equal part of the exam blueprint.
Covers the topics, concepts, and applied skills examined under the Access Controls Concepts domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Access Controls Concepts questionsCovers the topics, concepts, and applied skills examined under the Business Continuity, DR & Incident Response domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Business Continuity, DR & Incident Response questionsCovers the topics, concepts, and applied skills examined under the Security Principles domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Security Principles questionsCovers the topics, concepts, and applied skills examined under the Network Security domain. Study the official exam objectives and practise questions in this area to build confidence and accuracy before your exam.
Practice Network Security questionsIncident response lifecycle, digital forensics, threat hunting, SIEM/SOAR tools, log analysis, and security automation.
Practice Security Operations questionsThe vendor does not currently publish percentage weights for these domains, so Courseiva does not rank them by weight.
Work through each domain systematically — cover fundamentals first, then applied and scenario-based topics.
Never skip a domain regardless of perceived importance. Full coverage is required to pass.
Use Courseiva domain analytics to track your accuracy per domain and route extra questions to your weak areas.
Courseiva tracks your accuracy per domain automatically and routes you toward your weakest areas — no manual configuration needed.