Skip to content
CertiGuard

Search

Type a word like "security+" or "ccna". Search runs on the published site.

ISC2

ISC2 Certified in Cybersecurity (CC): Cost, Exam Format, and the Free-Exam Reality

By Mario Bailey, Editor

Facts last verified against official sources: 2026-07-06

ISC2 Certified in Cybersecurity costs $199 per exam attempt at ISC2's published price, verified 2026-07-06. Renewal: valid 3 years; 45 CPE credits plus a mandatory $50/year Annual Maintenance Fee.

Occupation context

$129,180

BLS median, Information Security Analysts (May 2025)

190,650 people employed nationally

Salary figures are U.S. Bureau of Labor Statistics medians for the occupation shown, not a measured premium for holding this certification. No one publishes causal cert premiums; anyone quoting one is guessing.

How to prepare

Recommended resources

Supplementary reference, not a recommendation ranking. Nothing here changes how this certification is scored or described.

Some study-resource and course links are affiliate links. If you buy through them we may earn a commission at no extra cost to you. This never affects which certification we recommend or how we describe it.

  • Study guide

    CC Certified in Cybersecurity Study Guide

    Mike Chapple · Sybex (Wiley)

    1st Edition. ISC2 confirms the October 2025 shift to adaptive (CAT) testing changed only the delivery mechanism, not the domain outline, so this edition remains current; a content refresh is announced for September 2026 with no updated edition yet.

For several years the pitch for this credential was simple: the exam is free, so there is nothing stopping you from trying. That pitch changed this year, and the honest version of the story is what this page covers, along with the fee that was never actually free even when the exam voucher was.

Who this cert is actually for

Certified in Cybersecurity is built for people with no cybersecurity background at all: career changers, recent graduates, or anyone testing whether the field is a fit before committing money or years to it. ISC2 designed it as a genuine zero-prerequisite entry point, unlike almost every other credential this site covers, and it assumes no prior IT experience rather than just no formal degree. If you already hold CompTIA Security+ or CompTIA A+, CC will feel like a review rather than new ground.

Skip it if you already have any hands-on IT or help desk experience; Security+ or Network+ signals more to an employer at that point, since CC is explicitly the credential for people with zero background. Skip it too if you are weighing it against ISC2 CISSP as a shortcut. CC and CISSP share a publisher but not a purpose. CC gets you in the door; CISSP is a five-year-experience credential for people already well into a security career. One does not substitute for the other.

What it costs all-in, and the free-exam program’s real status

Here is the fee reality that matters more than any other fact on this page. ISC2 ran a program called One Million Certified in Cybersecurity that covered both a free training course and a free exam voucher for anyone who signed up. As of May 20, 2026, ISC2 closed that program to new enrollment, stating it had surpassed its one-million-enrollment goal. Candidates who already hold an unexpired voucher code from the program can still sit the exam at no charge through December 31, 2026. Anyone enrolling now pays the standard exam price of $199.

Even during the free-voucher years, the certification itself was never free to hold. The moment you pass, ISC2 requires a $50 Annual Maintenance Fee (AMF) every year to keep the certification active, due on your certification anniversary, regardless of whether your exam attempt cost $0 or $199. That fee is not optional and is not a one-time charge; over a nine-year span (three renewal cycles) it is $450 in AMF alone, on top of whatever the exam itself cost you. A candidate who tells you CC is “free” is describing the entry cost, not the ongoing one.

Compare that all-in figure honestly against other entry-level paths on the ROI Index: CC at $199 plus $450 in AMF over nine years lands in a different place than a CompTIA credential’s flat CE-fee renewal, because ISC2’s AMF is charged annually, not per renewal cycle.

The exam itself

The CC exam runs 2 hours and delivers 100 to 125 questions using computerized adaptive testing (CAT), mixing multiple-choice with advanced interactive item types. A passing score is 700 out of a possible 1,000 points. Five domains make up the current exam: Security Principles (26 percent, the largest single slice), Network Security (24 percent), Access Controls Concepts (22 percent), Security Operations (18 percent), and Business Continuity, Disaster Recovery and Incident Response Concepts (10 percent). ISC2 has announced that a new exam outline takes effect September 1, 2026, so anyone testing after that date should check ISC2’s exam outline page directly rather than relying on the domain breakdown above. ISC2 does not publish a pass rate for CC or any of its other certifications.

Renewal math over 9 years

CC is valid for three years, so nine years covers three renewal cycles. Each cycle you need 45 CPE (continuing professional education) credits, with ISC2 suggesting a pace of about 15 per year so the requirement never piles up at the deadline. That is a lighter CPE load than ISC2’s higher-tier certifications carry.

The AMF is the part that does not go away no matter how you handle CPEs: $50 a year, every year, for as long as you hold the certification, which is $150 per three-year cycle and $450 across nine years. Unlike CompTIA’s model, where a paid renewal course can fold CE requirements and fees into one purchase, ISC2’s AMF is a fixed annual membership charge separate from CPE activity. There is no version of holding this certification for nine years that costs $0; budget the full $450 in AMF as the honest floor, on top of whatever the initial exam cost you.

Nine-year cost of ownership: about $649 at the standard $199 exam price, or $450 in AMF alone for anyone who sat the exam on a pre-2026 free voucher, the exam plus $450 in Annual Maintenance Fees over nine years. There is no free path out: the $50-a-year AMF bills whether or not you gather CPEs, and no second ISC2 credential reduces it. A candidate who calls CC “free” is quoting the entry cost, not this one. Certification renewal costs explained compares it to CompTIA’s flat CE-fee model.

What it does for the occupation you are entering

CC maps to the information security analyst occupation (BLS code 15-1212), the same broad category Security+ and CySA+ target. The panel on this page shows the current national median wage and headcount for that occupation; read it as a picture of where the field can lead, not a wage this specific entry-level credential guarantees on its own. The Bureau of Labor Statistics projects continued strong growth in the broader information security analyst occupation, which is the real draw for someone testing the field. What CC concretely buys a total newcomer is a resume line that signals baseline security literacy and genuine intent, useful for landing a first help desk or junior analyst role where you can build the actual experience that later credentials and raises depend on.

Common mistakes

Believing the free-exam window is still open. The One Million Certified in Cybersecurity program stopped accepting new enrollees on May 20, 2026. If you do not already hold a voucher code from before that date, budget the standard $199, not $0.

Forgetting the AMF exists. Because the exam itself was marketed as free for years, plenty of newly certified holders are surprised by the first $50 invoice. Set a calendar reminder for your certification anniversary before it becomes a lapsed-certification problem instead of a routine bill.

Stopping here when you have real IT experience already. CC is a floor, not a ceiling. If you already troubleshoot networks or support end users professionally, Security+ or Network+ will do more for your resume than CC alone, since employers reading CC on an experienced candidate’s resume may read it as underqualification rather than initiative.

Pay less for this exam

The legitimate ways to pay under list price for ISC2 Certified in Cybersecurity, verified in the discounts guide. No coupon codes, no gray-market vouchers.

  • Served in the military? The GI Bill reimburses approved certification tests up to $2,000 per test (check the VA's approved list before booking), and VR&E can cover costs directly for eligible veterans.
  • Employed? Ask about certification reimbursement before you pay anything; many employers cover the exam outright or on a pass, and some cover renewals.
  • Vendors announce price increases ahead of time and vouchers stay valid for months, so a ready candidate can buy at the old price; increases land in the price watch as we verify them.

Check which discounts you qualify for →

Quick answers

How much does ISC2 Certified in Cybersecurity cost?
ISC2 Certified in Cybersecurity costs $199 per exam attempt at ISC2's published price. Legitimate ways to pay less are covered in the pay-less section on this page.
Does ISC2 Certified in Cybersecurity expire?
Per ISC2's published terms: valid 3 years; 45 CPE credits plus a mandatory $50/year Annual Maintenance Fee.
How do you renew ISC2 Certified in Cybersecurity?
The verified renewal terms: valid 3 years; 45 CPE credits plus a mandatory $50/year Annual Maintenance Fee. The renewal-costs guide compares what each model costs over nine years, and the true-cost calculator prices this certification over your own horizon.
How long is the ISC2 Certified in Cybersecurity exam?
ISC2's published format: 100 to 125 questions (CAT), 2 hours, multiple-choice + advanced item types; pass 700/1000.
What is the ISC2 Annual Maintenance Fee (AMF) for CC?
US $50 per year for members who hold only the CC certification, due each year on the anniversary of your certification date. It is mandatory and separate from CPE credits. If you later earn a full ISC2 certification such as CISSP or CCSP, you pay that tier's single $135 AMF instead of two fees.
Is the ISC2 CC exam still free?
No. The One Million Certified in Cybersecurity free-voucher program closed to new enrollment on May 20, 2026. Vouchers issued before that date remain usable through December 31, 2026; everyone else pays the standard $199 exam fee, and every holder pays the $50 annual maintenance fee after passing.

Every figure above comes from the verified facts panel on this page; see the true-cost calculator for multi-year math and renewal costs explained for the four renewal models.

General information, not career or financial advice

CertiGuard documents costs, exam mechanics, and public salary data. Whether a certification pays off for you depends on your market, employer, and experience. Treat this as a starting point, not a promise.

Official sources

Cite this page