A Simple Plan

Microsoft sets new securityspecializations for MCSE and MCSA titles.

I was both happy and disappointed with the details of Microsoft’s security specializations announcement. (You can read the salient facts at http://mcpmag.com/news/article.asp?EditorialsID=579) The specialization approach to certification has been honed carefully over the last couple of years by Cisco Systems, with its array of career specialties. These prove expertise in the basics, along with an extra emphasis in a particular area.

Announced during a TechEd keynote in June, the requirements for the new specializations from Microsoft—MCSE: Security and MCSA: Security—are culled from existing exams. That’s good news. As you sail toward your latest MCSE or MCSA, you can consider listing toward security in your choice of electives, thereby declaring yourself a security specialist at the end of your voyage.

The new approach is elegant in its simplicity. Security is an inherent aspect of designing, managing and administering a Windows network, so why shouldn’t the exams that cater to those job roles be good enough to lead to a security designation? And therein lay my initial disappointment. I was rather hoping for something harder-edged.

According to Contributing Editor Andy Barkl (a trainer who has taken more exams in his career than a schooner has rigging), most of the security focus in these credentials addresses the lowest common denominator. Take 70-214, Implementing Windows 2000 Security, a “prescribed exam” for both the MCSE and MCSA. In Andy’s opinion, “It’s what every new administrator should know about the basic security offering of Windows 2000.”

Likewise, another prescribed exam, CompTIA’s Security+ test, is for “any new user or network administrator who needs to prove they are at least aware of computer and network security issues and available technologies.” (The emphasis on “new” is mine.)

Andy considers the other exams on the roster tougher, because they require specific knowledge of security details within Windows 2000.

But all of these tests are multiple choice, with a few drag-and-drop or reorder item types thrown into the mix. Somehow, I thought taking on high tech terrorism would require sharper weapons—the blunt edge of time in the field, a certain form of training by authorized experts, the proven ability to get users to pay attention to what they’re doing when they open e-mail.

But, no, in its infinite wisdom, Microsoft has decided that most security breaches could be resolved with some fairly basic steps—learning the security settings in its operating systems, knowing security concepts, understanding the value of staying up on patches.

On further consideration, I decided Microsoft is right. And I hope that a whole lot of you pursue this specialization, at least in training if not in title. The world could use feeling safer.

About the Author

Dian L. Schaffhauser is a freelance writer based in Northern California.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.