Back to ISC2 Certified in Cybersecurity (CC)

Domain 5: Security Operations

Data security, system hardening, security policies, and security awareness training.

This domain covers 18% of the exam. It focuses on understanding data security including logging and monitoring security events, data handling (destruction, retention, classification, labeling), and encryption (symmetric, asymmetric, hashing). It covers system hardening through configuration management (baselines, updates, patches). It tests knowledge of best practice security policies including privacy, change management, BYOD, acceptable use, password, and data handling policies. It also covers security awareness training concepts including social engineering awareness and password protection.
5 minutes 5 Questions

Domain 5: Security Operations is a critical component of the ISC2 Certified in Cybersecurity (CC) certification, focusing on the day-to-day practices and procedures necessary to protect organizational assets and maintain a secure environment. This domain covers several key areas: **Data Security:…

Concepts covered: Hashing Algorithms, Security Awareness Training Programs, Social Engineering Awareness, Data Classification and Labeling, Data Destruction and Sanitization, System Hardening and Baselines, Change Management Policy, Password Policies and Best Practices, Security Event Logging and Monitoring, Data Handling and Retention Policies, Symmetric Encryption, Asymmetric Encryption, Configuration Management and Patch Management, Acceptable Use and BYOD Policies, Privacy Policy Fundamentals

Test mode:
Start practice test
More Domain 5: Security Operations questions
675 questions (total)
Start 100 question test