Problem solve Get help with specific problems with your technologies, process and projects.

Getting your MCSA: Security certification

Before you pursue a Microsoft security specialization, get an overview of the MCSA: Security's pros, cons and requirements.

When users or IT professionals hear the word 'Microsoft,' for many the first thought that comes to mind is 'security problems!' And indeed, a working knowledge of security principles and practices is essential for anybody working on or around Microsoft systems and networks nowadays. Those seeking to develop the right skills and knowledge to address such concerns could do a lot worse that pursuing an MCSA: Security to help that process along. While this credential by itself may not guarantee a good (or better) job, it will help interested IT professionals learn concepts, practices and skills that will stand them in good stead in the workplace for years to come.


In 2003, Microsoft introduced the concept of specializations for its popular MCSA and MCSE (Microsoft Certified Systems Administrator and Engineer) certifications. This program includes a security track for both credentials, in which all the requirements for the more junior MCSA feed nicely into those for the more senior MCSE. In this tip, I'll take a closer look at MCSA: Security. In my next tip, I'll discuss the MCSE: Security.

Security specializations are currently available for Windows 2000 and Windows Server 2003. For both platforms, candidates for MCSA: Security must take one more exam than is required for the general MCSA or the MCSA: Messaging.

According to Microsoft's recent certification count (dated Sept. 9, 2004), slightly over 2,700 people have earned MCSA: Security (combining both Windows 2000 and Windows Server 2003 certifications) as compared to over 18,000 who've earned MCSA: Messaging. Nearly 114,000 have earned MCSA on Windows 2000 and over 21,000 have done likewise for Windows Server 2003.

Workload requirements

The security specialization does two things to MCSA requirements. First, it focuses core exams on security topics where applicable; second, it turns what are called electives on the plain-vanilla MCSA into what are called specialization exams and offer a security bent. Table 1 shows requirements for the Windows 2000 and Windows Server 2003 versions of the MCSA: Security credential.

Note: "C:" indicates "Core exam," while "S:" indicates "Specialization exam."

Table 1: MCSA: Security Requirements

Platform Type Exam Exam title
Windows 2000 only C: Networking 70-215 Installing, configuring & administering Windows 2000 Server
C: Networking 70-218 Managing a Windows 2000 network environment
S: Core Security 70-214 Implementing & administering security in a Windows 2000 network
Windows Server 2003 only C: Networking 70-290 Managing & maintaining a Windows Server 2003 environment
C: Networking 70-291 Implementing, managing & maintaining a Windows Server 2003 network infrastructure
S: Core Security 70-299 Implementing & administering security in a Windows Server 2003 network
Specialization exams (both) C: Client OS 70-210
Installing, configuring & administering Windows 2000 Pro
Installing, configuring & administering Windows XP Pro
S:Core Security 70-227
Installing, configuring & administering ISA Server 2000
CompTIA Security+ exam

Job opportunities

With security a primary concern for so many companies and organizations that use Windows, security-savvy Windows professionals should be in pretty high demand. But MCSA numbers tell a different story simply because relatively few positions advertise for MCSAs in general (even fewer advertise for MCSA: Security in particular). Combined counts for MCSAs for both Windows versions currently approach 135,000, but only slightly over 2,700 (or about 2%) have earned MCSA: Security. I'm convinced that's because most aspiring Microsoft professionals view the MCSA purely as a stepping stone to the MCSE and don't necessarily think it's worthwhile to take an extra exam to qualify for MCSE: Security.

The plain-vanilla MCSA requires only four exams -- which can in fact include core requirements and any one of the specialization exams for MCSA: Security -- whereas earning MCSA: Security requires passing five exams. Given few opportunities for improved job opportunities, the numbers indicate that candidates prefer not to do the extra work, but get cracking on their MCSEs instead.

About the Author
Ed Tittel is the creator of the Exam Cram series of IT certification books. Ed edits this series as Exam Cram 2 for Que Publishing, along with their Training Guide series of certification study guides. He's also a contributing editor for Certification magazine, and writes regularly on certification and security topics for various TechTarget Web sites, too.

For More Information

Tip: Look into Ed Tittel's crystal ball for Microsoft security exam predictions

Best Web Links: Read up on current Windows certifications and specializations

Reader feedback: Are you certified? Tell us about your experience, and let us know if you give a thumbs up or down to certification.

Dig Deeper on Windows Server troubleshooting

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.