A Simple Plan

Microsoft sets new securityspecializations for MCSE and MCSA titles.

I was both happy and disappointed with the details of Microsoft’s security specializations announcement. (You can read the salient facts at http://mcpmag.com/news/article.asp?EditorialsID=579) The specialization approach to certification has been honed carefully over the last couple of years by Cisco Systems, with its array of career specialties. These prove expertise in the basics, along with an extra emphasis in a particular area.

Announced during a TechEd keynote in June, the requirements for the new specializations from Microsoft—MCSE: Security and MCSA: Security—are culled from existing exams. That’s good news. As you sail toward your latest MCSE or MCSA, you can consider listing toward security in your choice of electives, thereby declaring yourself a security specialist at the end of your voyage.

The new approach is elegant in its simplicity. Security is an inherent aspect of designing, managing and administering a Windows network, so why shouldn’t the exams that cater to those job roles be good enough to lead to a security designation? And therein lay my initial disappointment. I was rather hoping for something harder-edged.

According to Contributing Editor Andy Barkl (a trainer who has taken more exams in his career than a schooner has rigging), most of the security focus in these credentials addresses the lowest common denominator. Take 70-214, Implementing Windows 2000 Security, a “prescribed exam” for both the MCSE and MCSA. In Andy’s opinion, “It’s what every new administrator should know about the basic security offering of Windows 2000.”

Likewise, another prescribed exam, CompTIA’s Security+ test, is for “any new user or network administrator who needs to prove they are at least aware of computer and network security issues and available technologies.” (The emphasis on “new” is mine.)

Andy considers the other exams on the roster tougher, because they require specific knowledge of security details within Windows 2000.

But all of these tests are multiple choice, with a few drag-and-drop or reorder item types thrown into the mix. Somehow, I thought taking on high tech terrorism would require sharper weapons—the blunt edge of time in the field, a certain form of training by authorized experts, the proven ability to get users to pay attention to what they’re doing when they open e-mail.

But, no, in its infinite wisdom, Microsoft has decided that most security breaches could be resolved with some fairly basic steps—learning the security settings in its operating systems, knowing security concepts, understanding the value of staying up on patches.

On further consideration, I decided Microsoft is right. And I hope that a whole lot of you pursue this specialization, at least in training if not in title. The world could use feeling safer.

About the Author

Dian L. Schaffhauser is a freelance writer based in Northern California.

Featured

  • MIT Finds Only 1 in 20 AI Investments Translate into ROI

    Despite pouring billions into generative AI technologies, 95 percent of businesses have yet to see any measurable return on investment.

  • Report: Cost, Sustainability Drive DaaS Adoption Beyond Remote Work

    Gartner's 2025 Magic Quadrant for Desktop as a Service reveals that while secure remote access remains a key driver of DaaS adoption, a growing number of deployments now focus on broader efficiency goals.

  • Windows 365 Reserve, Microsoft's Cloud PC Rental Service, Hits Preview

    Microsoft has launched a limited public preview of its new "Windows 365 Reserve" service, which lets organizations rent cloud PC instances in the event their Windows devices are stolen, lost or damaged.

  • Hands-On AI Skills Now Outshine Certs in Salary Stakes

    For AI-related roles, employers are prioritizing verifiable, hands-on abilities over framed certificates -- and they're paying a premium for it.