Editor's Desk

A Simple Plan

Microsoft sets new securityspecializations for MCSE and MCSA titles.

I was both happy and disappointed with the details of Microsoft’s security specializations announcement. (You can read the salient facts at http://mcpmag.com/news/article.asp?EditorialsID=579) The specialization approach to certification has been honed carefully over the last couple of years by Cisco Systems, with its array of career specialties. These prove expertise in the basics, along with an extra emphasis in a particular area.

Announced during a TechEd keynote in June, the requirements for the new specializations from Microsoft—MCSE: Security and MCSA: Security—are culled from existing exams. That’s good news. As you sail toward your latest MCSE or MCSA, you can consider listing toward security in your choice of electives, thereby declaring yourself a security specialist at the end of your voyage.

The new approach is elegant in its simplicity. Security is an inherent aspect of designing, managing and administering a Windows network, so why shouldn’t the exams that cater to those job roles be good enough to lead to a security designation? And therein lay my initial disappointment. I was rather hoping for something harder-edged.

According to Contributing Editor Andy Barkl (a trainer who has taken more exams in his career than a schooner has rigging), most of the security focus in these credentials addresses the lowest common denominator. Take 70-214, Implementing Windows 2000 Security, a “prescribed exam” for both the MCSE and MCSA. In Andy’s opinion, “It’s what every new administrator should know about the basic security offering of Windows 2000.”

Likewise, another prescribed exam, CompTIA’s Security+ test, is for “any new user or network administrator who needs to prove they are at least aware of computer and network security issues and available technologies.” (The emphasis on “new” is mine.)

Andy considers the other exams on the roster tougher, because they require specific knowledge of security details within Windows 2000.

But all of these tests are multiple choice, with a few drag-and-drop or reorder item types thrown into the mix. Somehow, I thought taking on high tech terrorism would require sharper weapons—the blunt edge of time in the field, a certain form of training by authorized experts, the proven ability to get users to pay attention to what they’re doing when they open e-mail.

But, no, in its infinite wisdom, Microsoft has decided that most security breaches could be resolved with some fairly basic steps—learning the security settings in its operating systems, knowing security concepts, understanding the value of staying up on patches.

On further consideration, I decided Microsoft is right. And I hope that a whole lot of you pursue this specialization, at least in training if not in title. The world could use feeling safer.

About the Author

Dian L. Schaffhauser is a freelance writer based in Northern California.


  • Microsoft Previews Microsoft Teams for Linux

    Microsoft on Tuesday announced a "limited preview" release of Microsoft Teams for certain Linux desktop operating systems.

  • Hyper-V Architecture: Some Clarifications

    Brien answers two thought-provoking reader questions. First, do Hyper-V VMs have direct hardware access? And second, how is it possible to monitor VM resource consumption from the host operating system?

  • Old Stone Wall Graphic

    Microsoft Addressing 36 Vulnerabilities in December Security Patch Release

    Microsoft on Tuesday delivered its December bundle of security patches, which affect Windows, Internet Explorer, Office, Skype for Business, SQL Server and Visual Studio.

  • Microsoft Nudging Out Classic SharePoint Blogs

    So-called "classic" blogs used by SharePoint Online subscribers are on their way toward "retirement," according to Dec. 4 Microsoft Message Center post.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.