Security Tracks: Specializing in Security
Beyond those credentials covered elsewhere in this StudyGuide, there are also opportunities to follow security tracks beneath the umbrella of other certifications. One of the best-known and longest-standing examples is the security track in the Cisco Certified Internetwork Expert (CCIE) program. Likewise, Microsoft has offered a security specialization for its Microsoft Certified Systems Engineer (MCSE) and Microsoft Certified Systems Administrator (MCSA) credentials since summer 2003; this specialization is available to candidates pursuing either Windows 2000 or Windows Server 2003 as their platform focus (for a total of four specialized credentials in all). Other vendors, such as Sun Microsystems, offer security credentials within the context of multi-certification programs as well—the Solaris administrator program, in this case. And, until August 2003, Novell offered a security specialist certification, but cancelled the whole program at that time.
These specialization credentials offer opportunities for IT professionals with substantial existing investments in vendor platforms, tools and technologies to work themselves into doing more security on the job—or at least, to demonstrate a strong interest in taking on security responsibilities and activities. It’s tempting to dismiss such credentials as simple add-ons to existing, well-established curricula or credentials, but in most cases, security gets substantial coverage and attention in such programs rather than playing second fiddle to other topics. Table 1 sums up the credentials in this general specialization realm that are covered in more detail in this story.
Cisco Security Tracks & Specializations
One of Cisco’s newer certifications, the Cisco Certified Security Professional (CCSP), tests candidates’ knowledge of securing Cisco networks, with an emphasis on perimeter security, virtual private networks (VPNs) and intrusion protection. Before testing, candidates must first hold a valid Cisco Certified Network Associate (CCNA) or Cisco Certified Internetwork Professional (CCIP) certification. Five exams are required: #642-501, Securing Cisco IOS Networks; #642-521, Cisco Secure PIX Firewall Advanced; #642-531, Cisco Secure Intrusion Detection System; #642-511, Cisco Secure VPN; and #642-541, Cisco SAFE Implementation. Like all of Cisco’s professional-level credentials, the CCSP is valid for three years, and recertification requires passing a current version of the appropriate security exams.
Candidates for CCIE Security must first pass a written exam that overlaps substantially with the written exam that CCIE candidates for all tracks must complete. It’s when they tackle their lab exams that the security concentration for this credential becomes overwhelmingly clear. Although it’s a relatively new CCIE track (less than two years old), it’s attracting considerable interest and activity. Current estimates are that between 20 percent and 25 percent of CCIE candidates pursue the security track.
As part of the Cisco Qualified Specialist program, the VPN and security certification specialty includes four certifications. One aims at sales professionals; I cover only the three technical credentials here. For each of these credentials, a valid CCNA is the sole prerequisite. Candidates for all three must take and pass two exams, including #642-501, Securing Cisco IOS Networks, to ensure that all specialists in this area are competent in recognizing and dealing with general router and device security matters, configurations, updates, maintenance and so forth. For each specialization, the following additional exam is also required:
- Cisco Firewall Specialist: #642-521 CSPFA, Cisco Secure PIX Firewall Advanced. Beyond general router and device security topics, this specialization concentrates on the PIX Firewall in great detail.
- Cisco IDS Specialist: #642-531 CSIDS, Cisco Secure Intrusion Detection System. Beyond general router and device security topics, this specialization concentrates on the Cisco intrusion detection system in great detail.
- Cisco VPN Specialist: #642-511 CSVPN, Cisco Secure Virtual Networks. Beyond general router and device security topics, this specialization concentrates on Cisco’s VPN products, plus related firewall, remote access, and server- and client-side protocols, certificates, shared keys and so forth.
For all three specializations, recertification is required every two years and means taking whatever exams are required to obtain the credential for the first time. Thus, for these credentials, recertification is the same thing as retesting. According to several reports, the VPN and Security specializations are among the most popular tracks in the Cisco Qualified Specialist program, just behind the core access routing and LAN switching track and about on par with IP telephony.
Microsoft Security Specializations
Normally, Microsoft requires candidates to take four exams to obtain an MCSA and seven exams for an MCSE. All security specializations, except MCSE Security on Windows 2000, add one exam to this total. Fixed core requirements remain unaltered, but where other unspecialized credentials have elective exams and candidates can choose from numerous options, specialized credentials have security specialization exam requirements with a limited number of options. Table 1 includes URLs for the complete Microsoft requirements pages for those in need of such details.
Microsoft security specializations rate high on various IT professional surveys of desirable or planned certifications—some experts have gone so far as to say that anybody considering an MCSE or MCSA should definitely pursue security specializations. Counts of individuals holding security specializations reported in early March 2004 listed 2,211 MCSEs and 1,904 MCSAs as having qualified, but did not distinguish between Windows 2000 and Windows Server 2003 tracks. These numbers should grow dramatically by the end of 2004, however—especially in the Windows Server 2003 track, for which security exams have only been available since December 2003 (#70-298) and February 2004 (#70-299).
Sun Certified Security Administrator
The Sun Certified Security Administrator credential is a relatively new element in the collection of Solaris administration certifications. The full, formal title for this credential is Sun Certified Security Administrator for the Solaris Operating System. Obtaining this credential comes with no prerequisites—though Sun does recommend that candidates be familiar with both system and network administration for Solaris systems, so it’s not unthinkable that candidates would obtain Sun Certified System Administrator and Sun Certified Network Administrator credentials before tackling this one. It’s only necessary to pass one exam to obtain this credential: #310-301, Sun Certified Security Administrator for the Solaris 9 Operating System (please note that this mandates making oneself familiar with that operating system’s most current release). Likewise, Sun recommends that candidates have at least six to 12 months of experience working as Solaris security administrators before tackling this exam. Sun does not publish figures on numbers of certified professionals, but my best guess is that System Administrators outnumber Security Administrators by four or five to one and Network Administrators outnumber Security Administrators by two or three to one. It’s a worthwhile credential for those interested in Solaris security topics.
Making Specialization Work for You
Those who work around Cisco, Microsoft, Sun and other specific platforms and environments are well advised to look for opportunities to specialize in security, if the subject matter is of interest. That’s because security remains one of the few bright spots in IT nowad