
This course is in active development. Preview the scope below and create a free account to be notified the moment it goes live.

212-82 EC-Council Coming Soon

ECCouncil CCT

The EC‑Council Certified Cybersecurity Technician (CCT) exam validates early‑career professionals’ ability to identify threats, secure networks, protect data, and harden operating systems using hands‑on techniques.

180 Minutes
60 Questions
70/100 Passing Score
$499 Exam Cost

Who Should Take This

It is intended for recent IT graduates, junior network administrators, or support staff who have foundational IT knowledge and seek to specialize in cybersecurity. These learners aim to gain practical, vendor‑neutral credentials that accelerate entry‑level roles and demonstrate competence in threat mitigation, encryption, and system hardening.

What's Covered

1 Threats and Vulnerabilities
2 Network Security
3 Wireless and Mobile Security
4 Cryptography and Data Protection
5 Operating System Security
6 Endpoint Security
7 Identity and Access Management
8 Incident Handling
9 Security Governance

What's Included in AccelaStudy® AI

Adaptive Knowledge Graph
Practice Questions
Lesson Modules
Console Simulator Labs
Exam Tips & Strategy
20 Activity Formats

Course Outline

60 learning goals
1 Threats and Vulnerabilities
2 topics

Threat landscape

  • Identify information security principles, including the CIA triad, defense in depth, least privilege, and the relationship between threats, vulnerabilities, and risks.
  • Describe attack types, including phishing, malware distribution, denial of service, man-in-the-middle, SQL injection, and privilege escalation techniques.
  • Apply threat classification by categorizing observed threats by severity, likelihood, and potential business impact for prioritized response planning.
  • Analyze a threat scenario to identify the likely attack vector and threat actor category, and recommend proportionate defensive countermeasures.

Vulnerability identification

  • Describe vulnerability types, including software flaws, misconfigurations, default credentials, unpatched systems, and insecure protocol implementations.
  • Apply vulnerability scanning tools to identify security weaknesses and interpret CVSS scores, severity ratings, and remediation guidance.
  • Analyze vulnerability scan results to prioritize remediation based on exploitability, asset criticality, available patches, and compensating controls.

2 Network Security
2 topics

Network defense devices

  • Describe network security devices, including firewalls, IDS/IPS, proxies, NAC appliances, and load balancers, and their architectural placement.
  • Identify network protocols and their security implications, including TCP, UDP, ICMP, DNS, and DHCP, and their associated common vulnerabilities.
  • Apply firewall rule configuration to control traffic based on addresses, ports, and protocols while implementing implicit deny baseline policies.
  • Analyze network architecture to identify missing security controls, improper segmentation, and device placement issues increasing attack surface.

Network segmentation

  • Describe network segmentation using VLANs, DMZ architecture, network zones, and micro-segmentation to isolate systems and limit lateral movement.
  • Apply segmentation principles to place servers, workstations, IoT devices, and guest networks into appropriate security zones with access policies.
  • Analyze a network diagram to identify segmentation weaknesses and lateral movement risks, and recommend architectural improvements.

3 Wireless and Mobile Security
2 topics

Wireless security

  • Describe wireless security protocols (WPA2, WPA3, and enterprise authentication) and identify rogue AP, evil twin, and deauthentication threats.
  • Apply secure wireless network configuration, including enterprise authentication, client isolation, rogue AP detection, and guest network isolation.
  • Analyze wireless network assessments to identify weak encryption and unauthorized access points, and recommend security configuration improvements.

Mobile device management

  • Describe mobile security challenges, including app-based threats, jailbreaking, data leakage, and BYOD versus corporate-owned device models.
  • Apply MDM policies, including device enrollment, application management, remote wipe capability, and containerization for data separation.
  • Analyze mobile security posture to evaluate MDM coverage, app permission risks, and data protection adequacy across the device fleet.

4 Cryptography and Data Protection
2 topics

Encryption and hashing

  • Describe symmetric (AES, 3DES), asymmetric (RSA, ECC), and hashing (SHA-256) algorithms and their use cases for confidentiality, integrity, and authentication.
  • Apply encryption to protect data at rest using disk encryption, and data in transit using TLS configuration and VPN tunnel establishment.
  • Analyze cryptographic implementations to identify weak algorithms, insufficient key lengths, and certificate configuration issues requiring remediation.

Data protection and backup

  • Describe data classification levels, lifecycle management, and protection requirements, including encryption, masking, and secure disposal procedures.
  • Apply backup strategies, including full, incremental, and differential backups, with verification testing and offsite storage for disaster recovery.
  • Analyze data protection controls by evaluating encryption coverage, backup completeness, access restrictions, and compliance with data handling policies.

5 Operating System Security
2 topics

Windows hardening

  • Describe Windows security features, including UAC, Defender, BitLocker, Windows Firewall, Event Viewer, and Group Policy security settings.
  • Apply Windows hardening by disabling services, configuring password policies, enabling audit logging, applying CIS baselines, and managing updates.
  • Analyze Windows security configurations to identify hardening gaps, missing patches, disabled security features, and policy compliance violations.

Linux hardening

  • Describe Linux security, including file permissions, sudo, SELinux, AppArmor, iptables, nftables, and package manager integrity verification.
  • Apply Linux hardening, including SSH key authentication, root login restriction, fail2ban, firewall rules, and unnecessary service deactivation.
  • Analyze Linux system logs to identify brute force attempts, unauthorized escalation, suspicious processes, and configuration drift from baselines.

6 Endpoint Security
3 topics

Endpoint protection solutions

  • Describe endpoint security, including antivirus, EDR, XDR, host firewalls, application whitelisting, and endpoint encryption technologies.
  • Apply endpoint protection deployment, including antivirus with real-time scanning, EDR agent configuration, and host-based intrusion prevention setup.
  • Analyze endpoint security alerts to identify malware infections, policy violations, and suspicious activities requiring incident response procedures.

Patch and configuration management

  • Describe the patch management lifecycle, including vulnerability identification, patch testing, deployment, verification, and rollback procedures.
  • Apply configuration management by establishing security baselines, deploying configurations through automation, and monitoring compliance drift.
  • Analyze patch compliance reports to identify systems with missing critical updates and recommend prioritized patching schedules.

Security automation basics

  • Describe security automation concepts, including scripted log parsing, automated compliance checking, and orchestrated incident response playbooks.
  • Apply basic security automation by creating scripts for log analysis, user provisioning, and configuration compliance verification tasks.

7 Identity and Access Management
2 topics

Authentication and MFA

  • Describe authentication methods, including passwords, biometrics, tokens, certificates, and the MFA categories of something you know, have, and are.
  • Identify authorization models, including RBAC, DAC, MAC, and ABAC, and describe their application in controlling access to systems and data.
  • Apply MFA configuration and password policy enforcement, including complexity requirements, lockout thresholds, and password history restrictions.
  • Analyze authentication configurations to identify weak MFA adoption, excessive privileges, and credential management risks.

Identity management

  • Describe identity management, including directory services, LDAP, Active Directory, federation, SSO, and identity lifecycle management.
  • Apply SSO and federation using SAML, OAuth 2.0, and OpenID Connect to enable centralized authentication across multiple applications.
  • Analyze IAM posture by reviewing MFA coverage, privileged access management, access review processes, and federation security configurations.

8 Incident Handling
2 topics

Incident response procedures

  • Describe incident response phases, including preparation, detection, analysis, containment, eradication, recovery, and post-incident lessons learned.
  • Identify indicators of compromise, including unusual traffic, failed logins, unauthorized changes, and malware signatures, for incident detection.
  • Apply incident detection using log analysis, alert triage, and IoC matching to identify and classify security incidents requiring response.
  • Analyze incident data to determine attack timeline, scope of compromise, root cause, and lessons learned for improving response capabilities.

Security monitoring

  • Describe log management, including sources, centralized collection, retention policies, integrity protection, and NTP time synchronization.
  • Apply log collection from firewalls, operating systems, applications, and authentication systems into centralized monitoring solutions.
  • Analyze security logs from multiple sources to correlate events, identify attack patterns, and reconstruct incident timelines across layers.

9 Security Governance
2 topics

Policies and frameworks

  • Identify security governance elements, including policies, standards, procedures, and guidelines, and their organizational hierarchy and enforcement.
  • Apply security policies by implementing access controls, change management, and acceptable use enforcement aligned with organizational requirements.
  • Analyze security policy effectiveness by evaluating compliance rates, exception handling, and policy coverage against organizational risk profile.

Risk and compliance

  • Describe risk management, including identification, assessment, treatment options, risk registers, residual risk acceptance, and business impact analysis.
  • Apply compliance requirements by implementing controls satisfying GDPR, HIPAA, PCI-DSS, and SOX obligations for data protection and access control.
  • Analyze risk scenarios to assess likelihood and impact, recommend treatment strategies, and justify security investment based on risk reduction value.

Scope

Included Topics

  • All domains in EC-Council CCT, covering threats, vulnerabilities, network security, wireless, cryptography, OS hardening, endpoint, IAM, incident handling, and governance.
  • Information security threats, including malware, social engineering, network attacks, web application attacks, and IoT threats.
  • Network security, including firewall configuration, IDS/IPS, VPN, wireless security, segmentation, and monitoring.
  • Cryptography and data protection, including symmetric and asymmetric encryption, hashing, PKI, backup, and data classification.
  • Incident handling, including detection, triage, containment, eradication, and recovery, and security governance frameworks.

Not Covered

  • Advanced penetration testing covered by CEH and CPENT.
  • Enterprise SIEM and threat hunting covered by CND and CSA.
  • Advanced digital forensics covered by CHFI.
  • Executive security program management covered by CCISO.
  • Application security engineering covered by CASE and ECSP.

Official Exam Page

Learn more at EC-Council


Trademark Notice

EC-Council®, CEH®, and all EC-Council certification marks are registered trademarks of the International Council of Electronic Commerce Consultants. EC-Council does not endorse this product.

AccelaStudy® and Renkara® are registered trademarks of Renkara Media Group, Inc. All third-party marks are the property of their respective owners and are used for nominative identification only.