EC-Council's entry-level hands-on cybersecurity credential. The right starting point in cybersecurity — a 24-hour practical exam, real labs and an SOC-ready foundation in 5 days.
⏱Duration: 5 days / 40 hrs
💻Format: Instructor-Led + Cyber Range
🌐Delivery: On-site · Virtual · Hybrid
✅Pass rate: 94%
📅Next intake: 6 May 2026
🔐
Network defence
Firewalls, IDS / IPS, traffic analysis at entry depth
CCT is EC-Council's entry-level hands-on cybersecurity credential. Unlike Security+ (which is broader and theory-heavy), CCT is graded on a 24-hour practical exam against a real cyber range. It is the cert most often recommended for SOC-tier-1 candidates, IT operations staff moving security-side, and graduates entering cybersecurity.
At Nexperts, CCT is delivered as a 5-day intensive across 40 hours of cyber-range time. We map every domain to a real defensive scenario — firewall config, IDS rule writing, malware triage, vuln remediation, IR walkthrough. By day 5 you've worked through 12 graded scenarios on the range.
CCT is unusual in the entry-cert world: the exam is hands-on. Candidates who pass walk into SOC-tier-1 interviews with measurable evidence. CompTIA Security+ is broader; CCT is hands-on. They complement each other well — we recommend pairing.
The 2026 update sharpened the cyber-range focus and aligned with EC-Council's track for new SOC-tier-1 hires. Pass-rate baselines stay strong because the labs build the right reflexes.
Who should take this course
🔐
SOC tier-1 candidates
CCT is the cert most often used as evidence of hands-on capability.
📚
IT operations staff
Pivoting into security-ops. CCT is the entry credential.
From IT support, networking or sysadmin into cyber-defence.
🔐
Internal-IT teams
Building defensive capability in-house. CCT is the practical reference.
💼
CompTIA Security+ holders
Adding the hands-on component to the broader Security+ knowledge.
Prerequisites
✓ Basic networking knowledge (TCP / IP, OSI, IP addressing)
✓ Comfortable with Windows + Linux at user level
✓ No prior cybersecurity experience required
✓ We recommend Network+ or equivalent before CCT
→ No networking background? Ask about the Network+ → CCT bundled track.
Course Curriculum
Five days. Cybersecurity hands-on at entry.
CCT covers five domains: Information Security Threats & Vulnerabilities (15%), Network Security (35%), Application Security (15%), Data Security (15%), and Incident Response & Disaster Recovery (20%). We deliver across 5 days with cyber-range time daily.
Hands-On Cyber Range
12 labs. On a real cyber range.
Every lab runs on EC-Council's iLabs cyber range plus our internal Nexperts range. By day 5 you've worked through 12 graded scenarios.
01
Vuln Triage
Run a Nessus scan and triage 30 findings.
Threats
02
Firewall
Configure a small DMZ with stateful firewall.
Network
03
IDS Rules
Write 6 Suricata rules for known IOCs.
Network
04
Traffic Analysis
Identify 5 anomalies in a Wireshark PCAP.
Network
05
WiFi Audit
Audit a wireless network for WPA3 compliance.
Wireless
06
Endpoint Harden
Harden Windows + Linux endpoints to CIS baseline.
Endpoint
07
Patch Mgmt
Build a patch-management workflow for 25 endpoints.
Endpoint
08
Web Vulns
Identify and exploit 5 OWASP Top-10 entry vulnerabilities.
Apps
09
Encryption
Configure encryption at rest + in transit for a small app.
Data
10
DLP Rules
Configure DLP rules for a sensitive file-share.
Data
11
Log Triage
Investigate a real-world malware incident from logs.
IR
12
IR Walk
Full ransomware-incident IR walkthrough.
IR
+ 12 take-home cyber-range challenges with reference walkthroughs.
Exam Information
24-hour practical exam. Live cyber range.
CCT is graded on a 24-hour practical exam against EC-Council's iLabs cyber range. You receive scenarios in real time and must demonstrate hands-on capability across all 5 domains.
CCT Practical Exam
Format24-hour live cyber-range scenarios
DomainsAll 5 covered, scenario-based
Passing score70%
FormatEC-Council remote proctored
Validity3 years (CPE-renewable)
Industry avg pass rate~70% first attempt
Nexperts pass rate94% first attempt
Our 4-Mock Programme
01
Day 2 Lab
2-hour graded scenario at end of day 2.
02
Day 3 Lab
4-hour graded scenario at end of day 3.
03
Day 4 Lab
6-hour graded scenario at end of day 4.
04
Day 5 Mock
8-hour mock exam at end of day 5. 70%+ before booking.
0%
Pass Rate
94% of our CCT candidates pass on first attempt.
The CCT pass rate among self-study candidates sits around 70%. We hit 94% with structured cyber-range time and graduated mock exams across the 5-day programme.
iLabs cyber rangeReal scenarios94% first attemptFree retake voucherEC-Council aligned
Why our pass rate is 94%
Industry average: ~70%
Most candidates can pass written-style cyber tests but freeze on a 24-hour practical. The hands-on speed-of-recall is what's missing.
Nexperts: 94%
We give 4 graded scenarios on the range during class. By day 5, the workflow is reflex — not panic.
Your Cybersecurity Path
CCT pairs with Security+ and CSA.
CCT is the entry. From here, learners typically add CompTIA Security+ for breadth, then Certified SOC Analyst (CSA) for SOC-tier-1 specialisation.
