ISC2 Certifications — Study Hubs, Syllabi & Practice
ISC2 exam prep hubs with blueprint-aligned syllabi, high-yield cheatsheets, FAQs, and realistic practice tests. Start with CC (Certified in Cybersecurity), then advance to role-based paths like SSCP, CISSP, CCSP, CSSLP, CGRC, and HCISPP.
Welcome to the ISC2 hub. Each exam page follows a consistent, blueprint-aligned structure: Overview (format & pacing), Syllabus (objectives by domain), a Cheatsheet for last-mile recall, and Practice with timed, exam-style questions. This lets you scan what’s tested, learn efficiently, and validate with realistic drills.
Where to start
CC — Certified in Cybersecurity (Entry level)
Build fundamentals across security principles, business continuity, access control, network security, and security operations. Ideal on-ramp if you’re new to the field. → ./cc/
SSCP — Systems Security Certified Practitioner (Hands-on ops)
Practical focus on implementing/monitoring security controls, incident response, network/endpoint security, and access administration. → ./sscp/
CISSP — Certified Information Systems Security Professional (Senior/leadership)
Broad, depth-plus-judgment coverage across the eight CBK domains; emphasizes design, governance, and risk-based decision-making. → ./cissp/
CCSP — Certified Cloud Security Professional (Cloud architecture/ops)
Cloud concepts, data security, platform/infrastructure, application security, operations, and legal/compliance in cloud contexts. → ./ccsp/
CSSLP — Secure Software Lifecycle Professional (AppSec/SDLC)
Requirements, design, implementation, verification/validation, supply chain, and secure deployment/operations. → ./csslp/
CGRC — Governance, Risk and Compliance (formerly CAP)
Authorize and maintain information systems with risk-based frameworks; RMF/NIST focus and continuous monitoring. → ./cgrc/
HCISPP — HealthCare Information Security & Privacy Practitioner
Healthcare regulations, privacy, risk management, and third-party security within clinical/health environments. → ./hcispp/
Tip: If you’re early-career, take CC first, then target SSCP or CISSP based on experience and goals. If you’re cloud-focused, pair CISSP or SSCP with CCSP.
How these hubs help
- Overview — format, scoring model, audience, pacing, and a compact study plan
- Syllabus — objective-by-domain outline with quick links to targeted drills
- Cheatsheet — high-yield contrasts, diagrams, and rules of thumb
- Practice — timed sets, scenario items, and full mocks with review mode
- FAQ & Resources — common candidate questions and official references
As ISC2 updates blueprints, this hub remains the canonical entry point with refreshed objectives and links.
Use categories/tags to hop between vendors (CompTIA, ISC2, AWS, Azure). Prefer a role-first filter (e.g., cloud, governance, appsec) if you’re aligning certs to a job path.
In this section
- CISSP — Certified Information Systems Security Professional (ISC2) — Study Hub
Blueprint-aligned prep for ISC2 CISSP: overview, 8-domain syllabus, high-yield cheatsheet, FAQs, and realistic practice focused on governance/risk, security architecture & engineering, identity, cloud/network, SDLC, and operations/IR.
- CISSP Overview — Format, What’s Tested & How to Prepare
Everything to know before CISSP: exam mindset and format, who it’s for, the 8 CBK domains, a deep readiness checklist, a 6–10 week study plan, and decision heuristics that match the exam’s architect/manager focus.
- CISSP Syllabus — Objectives by the 8 CBK Domains
Blueprint-aligned learning objectives for CISSP, organized by the eight CBK domains with quick links to targeted practice.
- CISSP — Certified Information Systems Security Professional — Cheatsheet
High-yield CISSP review: governance & risk, security models, crypto/PKI, IAM & access models, architecture & network, cloud, SDLC & DevSecOps, operations/IR/BCP/DR, physical, legal/privacy — with quick contrasts and decision heuristics.
- CISSP Practice — Scenario Drills & Full Mocks
Open the practice app for CISSP. Start with domain-focused scenario drills, then mix full-length mocks. Judgment-heavy questions that match CISSP’s architect/manager voice.
- CISSP — Frequently Asked Questions (Deep-Dive)
Comprehensive CISSP FAQ: eligibility & experience, exam format & scoring mindset, 8 CBK domains and depth, study planning, practice approach, risk/BCP math, ethics/endorsement/CPEs, and exam-day tactics.
- CISSP Resources — Official References, Frameworks, Tools & Lab Ideas
A curated, blueprint-aligned list for CISSP: (ISC)² official pages, governance & risk frameworks (NIST/ISO/CIS), zero trust & architecture, crypto/PKI/TLS, IAM & identity standards, cloud & containers, IR/forensics/BCP, and vetted open-source tools and lab ideas.
- CISSP Updates — Blueprint & Content Changes
Track notable changes to the CISSP study hub: syllabus mapping (8 CBK domains), cheatsheet refinements, practice coverage, resources, and copy updates.