Getting your MCSA: Security certification

When users or IT professionals hear the word 'Microsoft,' for many the first thought that comes to mind is 'security...

problems!' And indeed, a working knowledge of security principles and practices is essential for anybody working on or around Microsoft systems and networks nowadays. Those seeking to develop the right skills and knowledge to address such concerns could do a lot worse that pursuing an MCSA: Security to help that process along. While this credential by itself may not guarantee a good (or better) job, it will help interested IT professionals learn concepts, practices and skills that will stand them in good stead in the workplace for years to come.

Overview

In 2003, Microsoft introduced the concept of specializations for its popular MCSA and MCSE (Microsoft Certified Systems Administrator and Engineer) certifications. This program includes a security track for both credentials, in which all the requirements for the more junior MCSA feed nicely into those for the more senior MCSE. In this tip, I'll take a closer look at MCSA: Security. In my next tip, I'll discuss the MCSE: Security.

Security specializations are currently available for Windows 2000 and Windows Server 2003. For both platforms, candidates for MCSA: Security must take one more exam than is required for the general MCSA or the MCSA: Messaging.

According to Microsoft's recent certification count (dated Sept. 9, 2004), slightly over 2,700 people have earned MCSA: Security (combining both Windows 2000 and Windows Server 2003 certifications) as compared to over 18,000 who've earned MCSA: Messaging. Nearly 114,000 have earned MCSA on Windows 2000 and over 21,000 have done likewise for Windows Server 2003.

Workload requirements

The security specialization does two things to MCSA requirements. First, it focuses core exams on security topics where applicable; second, it turns what are called electives on the plain-vanilla MCSA into what are called specialization exams and offer a security bent. Table 1 shows requirements for the Windows 2000 and Windows Server 2003 versions of the MCSA: Security credential.

Note: "C:" indicates "Core exam," while "S:" indicates "Specialization exam."

Table 1: MCSA: Security Requirements

Job opportunities

With security a primary concern for so many companies and organizations that use Windows, security-savvy Windows professionals should be in pretty high demand. But MCSA numbers tell a different story simply because relatively few positions advertise for MCSAs in general (even fewer advertise for MCSA: Security in particular). Combined counts for MCSAs for both Windows versions currently approach 135,000, but only slightly over 2,700 (or about 2%) have earned MCSA: Security. I'm convinced that's because most aspiring Microsoft professionals view the MCSA purely as a stepping stone to the MCSE and don't necessarily think it's worthwhile to take an extra exam to qualify for MCSE: Security.

The plain-vanilla MCSA requires only four exams -- which can in fact include core requirements and any one of the specialization exams for MCSA: Security -- whereas earning MCSA: Security requires passing five exams. Given few opportunities for improved job opportunities, the numbers indicate that candidates prefer not to do the extra work, but get cracking on their MCSEs instead.

For More Information

Tip: Look into Ed Tittel's crystal ball for Microsoft security exam predictions

Best Web Links: Read up on current Windows certifications and specializations

Reader feedback: Are you certified? Tell us about your experience, and let us know if you give a thumbs up or down to certification.