When users or IT professionals hear the word 'Microsoft,' for many the first thought that comes to mind is 'security problems!' And indeed, a working knowledge of security principles and practices is essential for anybody working on or around Microsoft systems and networks nowadays. Those seeking to develop the right skills and knowledge to address such concerns could do a lot worse that pursuing an MCSA: Security to help that process along. While this credential by itself may not guarantee a good (or better) job, it will help interested IT professionals learn concepts, practices and skills that will stand them in good stead in the workplace for years to come.
In 2003, Microsoft introduced the concept of specializations for its popular MCSA and MCSE (Microsoft Certified Systems Administrator and Engineer) certifications. This program includes a security track for both credentials, in which all the requirements for the more junior MCSA feed nicely into those for the more senior MCSE. In this tip, I'll take a closer look at MCSA: Security. In my next tip, I'll discuss the MCSE: Security.
Security specializations are currently available for Windows 2000 and Windows Server 2003. For both platforms, candidates for MCSA: Security must take one more exam than is required for the general MCSA or the MCSA: Messaging.
According to Microsoft's recent certification count (dated Sept. 9, 2004), slightly over 2,700 people have earned MCSA: Security (combining both Windows 2000 and Windows Server 2003 certifications) as compared to over 18,000 who've earned MCSA: Messaging. Nearly 114,000 have earned MCSA on Windows 2000 and over 21,000 have done likewise for Windows Server 2003.
The security specialization does two things to MCSA requirements. First, it focuses core exams on security topics where applicable; second, it turns what are called electives on the plain-vanilla MCSA into what are called specialization exams and offer a security bent. Table 1 shows requirements for the Windows 2000 and Windows Server 2003 versions of the MCSA: Security credential.
Note: "C:" indicates "Core exam," while "S:" indicates "Specialization exam."
Table 1: MCSA: Security Requirements
|Windows 2000 only||C: Networking||70-215||Installing, configuring & administering Windows 2000 Server|
|C: Networking||70-218||Managing a Windows 2000 network environment|
|S: Core Security||70-214||Implementing & administering security in a Windows 2000 network|
|Windows Server 2003 only||C: Networking||70-290||Managing & maintaining a Windows Server 2003 environment|
|C: Networking||70-291||Implementing, managing & maintaining a Windows Server 2003 network infrastructure|
|S: Core Security||70-299||Implementing & administering security in a Windows Server 2003 network|
|Specialization exams (both)||C: Client OS||70-210
|Installing, configuring & administering Windows 2000 Pro
Installing, configuring & administering Windows XP Pro
|Installing, configuring & administering ISA Server 2000
CompTIA Security+ exam
With security a primary concern for so many companies and organizations that use Windows, security-savvy Windows professionals should be in pretty high demand. But MCSA numbers tell a different story simply because relatively few positions advertise for MCSAs in general (even fewer advertise for MCSA: Security in particular). Combined counts for MCSAs for both Windows versions currently approach 135,000, but only slightly over 2,700 (or about 2%) have earned MCSA: Security. I'm convinced that's because most aspiring Microsoft professionals view the MCSA purely as a stepping stone to the MCSE and don't necessarily think it's worthwhile to take an extra exam to qualify for MCSE: Security.
The plain-vanilla MCSA requires only four exams -- which can in fact include core requirements and any one of the specialization exams for MCSA: Security -- whereas earning MCSA: Security requires passing five exams. Given few opportunities for improved job opportunities, the numbers indicate that candidates prefer not to do the extra work, but get cracking on their MCSEs instead.
About the Author
Ed Tittel is the creator of the Exam Cram series of IT certification books. Ed edits this series as Exam Cram 2 for Que Publishing, along with their Training Guide series of certification study guides. He's also a contributing editor for Certification magazine, and writes regularly on certification and security topics for various TechTarget Web sites, too.
For More Information
Tip: Look into Ed Tittel's crystal ball for Microsoft security exam predictions
Best Web Links: Read up on current Windows certifications and specializations
Reader feedback: Are you certified? Tell us about your experience, and let us know if you give a thumbs up or down to certification.