Problem solve Get help with specific problems with your technologies, process and projects.

Benefiting from an MCSE: Security certification

Getting an MCSE: Security may require more time and money than other certifications, but those who do invest in the senior-level credential are likely to reap the benefits.

To effectively administer Windows systems nowadays you need a working knowledge of Microsoft's security principles...

and practices -- and pursuing an MCSE: Security is a good way to get it. In contrast to the more junior MCSA: Security, an MCSE: Security may actually be valuable to a current or prospective employer, benefiting those who earn one. It will also help interested IT professionals learn concepts, practices and skills to bolster them in the workplace for years to come.

In 2003, Microsoft introduced the concept of specializations for its popular MCSA and MCSE (Microsoft Certified Systems Administrator and Engineer) certifications. This program includes a security track for both credentials, where all the requirements for the more junior MCSA feed nicely into those for the more senior MCSE. In this tip, I'll take a closer look at MCSE: Security. In my previous tip, I provided similar coverage for the MCSA: security.


Security specializations are currently available for Windows 2000 and Windows Server 2003. For both Windows platforms, candidates for the MCSE: Security must take one more exam than is required for the plain-vanilla MCSE or the messaging specialization Microsoft currently offers as well. According to Microsoft's recent certification count (dated Sept. 9, 2004), nearly 3,300 people have earned MCSE: Security, combining both versions of Windows, as compared to just over 3,600 who've earned MCSE: Messaging.

To put this in some perspective, 253,000 have earned MCSE on Windows 2000 and over 11,000 have done likewise for Windows Server 2003. Only 1.25% of the total population has upped the ante to obtain the MCSE: Security.

Furthermore, over 2,700 people have earned MCSA: Security as compared to approximately 3,300 for MCSE: Security, giving a slight edge to the senior credential. This differs greatly from the junior versus senior credentials for the messaging specialization. Over 18,000 individuals have earned MCSA: Messaging, while only 3,600 have earned MCSE: Messaging -- or about six to one. I'm convinced the higher numbers for messaging, especially at the MCSA level, reflect the ability to earn a specialization without having to take any additional exams, requiring no extra effort or money.

Workload requirements

The security specialization program does two things to MCSE requirements. First, it focuses core exams on security topics where applicable. Second, it turns electives on the plain-vanilla version into what are called specialization exams -- for MCSE: Security, these take a security bent. Table 1 shows requirements for Windows 2000 and Windows Server 2003 versions of the MCSE: Security credential.

Note: C: in front of the Type field means "Core exam," while S: means "Specialization exam." The Core Design exams fall into both categories, so they're labeled CS).

Table 1: MCSA: Security requirements

Platform Type Exam Exam title
Windows 2000 only C: Networking 70-215 Installing, configuring & administering Windows 2000 Server
C: Networking 70-216 Implementing & administering an MS Windows 2000 network infrastructure
C: Networking 70-217 Implementing & administering an MS Windows 2000 directory services infrastructure
CS: Design 70-220 Designing security for an MS Windows 2000 network
S: Core Security 70-214 Implementing & administering security in a Windows 2000 network
Windows Server 2003 only C: Networking 70-290 Managing & maintaining a Windows Server 2003 environment
C: Networking 70-291 Implementing, managing & maintaining a Windows Server 2003 network infrastructure
C: Networking 70-293 Planning & maintaining an MS Windows Server 2003 network infrastructure
C: Networking 70-294 Planning, implementing & maintaining an MS Windows Server 2003 Active Directory infrastructure
CS: Design 70-298 Designing security for an MS Windows Server 2003 network
S: Core security 70-299 Implementing & administering security in a Windows Server 2003 network
Dual coverage exams (both) C: Client OS 70-210
Installing, configuring, & administering Windows 2000 Pro
Installing, configuring & administering Windows XP Pro
S:Core Security 70-227
Installing, configuring & administering ISA Server 2000
CompTIA Security+ exam

Note that when two items appear in a single table cell (as with 70-210 and 70-270, and with 70-227 and Security+) candidates must take one exam or the other; both exams won't count. Note also that core networking and security exams differ by Windows version for MCSE: Security, depending on whether the target is Windows 2000 or Windows Server 2003.

The difference between the two platform versions of MCSE: Security is the number of exams. The Windows 2000 version calls for three networking core exams (70-215, 70-216 and 70-217), whereas the Windows Server 2003 version calls for four such exams (70-290, 70-291, 70-293 and 70-294). Likewise core design and core security exams differ for each platform. My best guess is that those who want to upgrade from MCSE: Security on Windows 2000 to the 2003 equivalent will have to take 70-299 (to replace 70-214), even if passing 70-292 and 70-294 upgrade exams is acceptable for this credential. Since the other security specialization exams are the same for both platforms (at least until the new version of ISA Server is released) this means at least three, sometimes four, new exams must be completed to upgrade to the newer Windows server version.

Job opportunities

As security is a primary concern for so many companies and organizations that use Windows, security-savvy Windows professionals should be in pretty high demand. In general MCSEs are in higher demand than MCSAs, so this bodes well for MCSEs who put in the extra time and effort to earn security specializations. Visits to various job posting and placement sites also illustrate this demand, showing between 150 and 450 relevant opportunities at each of several major portals (,,,, and so forth). Interestingly, though, few such postings mention the MCSE: Security credential by name; all of them do ask for MCSEs with security knowledge and skills. This argues that, despite the extra work and cost involved in obtaining an MCSE: Security, the extra outlay should be offset by better opportunities, if not only increased earnings.

About the Author
Exam Cram Exam Cram 2 Training Guide Certification

For More Information

Tip: Want to get your MCSA: Security? Get info on the specialization here

Best Web Links: Read up on current Windows certifications and specializations

Reader feedback: Are you certified? Tell us about your experience, and let us know if you give a thumbs up or down to certification.

Ed Tittel is the creator of the series of IT certification books. Ed edits this series as for Que Publishing, along with the series of certification study guides. He's also a contributing editor for magazine, and writes regularly on certification and security topics for various TechTarget Web sites.

Dig Deeper on Windows Server troubleshooting