.

MCSE/:Security Track

<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Fri Jul 13, 2007 1:17 pm

MCSE/:Security Track

This isn't directly related to hacking, but is still within the realm of security. For those of you who already have your MCSE 2003 (or earlier) with or without the security specialization, what order would you recommend studying and taking the tests in?

I haven't completely decided that I'm going to go this route yet (still studying for CHFI right now; thanks, Don :)). I've had several different people give me their thoughts and opinions on doing the 2003 track now, or just studying and waiting for the new 2008, etc. I'm kinda leaning towards getting the 2003 set knocked out and then upgrading to 2008 when available, but again, I just don't know.

If I do decide to study and attempt the exams, this was the order I was looking at doing it in:

290 (Manage/Maintain Env.)
291 (Implement/Manage/Maintain Infra.)
299 (Implement/Administer Security)
270 (XP Pro)
Sec+ (CompTIA)
293 (Plan/Maintain Infra.)
294 (Plan/Implement/Maintain AD)
298 (Designing Security)

What are all your thoughts and opinions on this order and/or pursuing the 2003 series? Thanks in advance.
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Fri Jul 13, 2007 3:27 pm

Re: MCSE/:Security Track

Lots of thoughts on this, so here we go...

Get your feet wet and your mind thinking in the MS way by doing XP first. Or if you're comfortable, do the Vista exam. Either way, I would do the client OS to start.

I felt that the 291 exam was the hardest. Maybe it was my experience at the time or maybe it was the group of questions I got from the random selection, but if I did it over again, I would do 291 later in the process. The second hardest exam was 298.

I always felt that it might be easier to do 293 and 294 before doing 290 and 291. But this is an untested theory. 3 and 4 are planning (big picture) exams whereas 0 and 1 are implementation (more detailed) exams. I feel I would have been better prepared for the details of 291 had I gone through the planning stages. It just so happens that actual IT projects are done this way and for good reason. You don't start installing Windows Server 2003 on a bunch of machines, assign IP addresses, figure out the physical infrastructure of the network, etc. etc. before you plan it out. If you plan first in the real world, then you should study that way as well.

Security+ is my recommended elective and the path I chose. It not only gives you a better resume but also experience with other organizations' exams. Since you have experience, you'll be able to pass this one with no problem, but you do have to take at least 1 MS exam before an outside elective will be credited. And it might be a good idea to take the Security+ exam and get that experience and knowledge under your belt before continuing.

Here's another thought. You may (forgive me for saying) lose interest after 7 exams. It's a lot to state the obvious. So you may want to take a path that gets you your MCSE after 7 exams leaving open the option as to whether you really want to take an 8th for the specialization in security. Another school of thought is to force yourself, so if you don't do all 8 exams, you won't get anything but your MCSA. A little personal incentive. Your choice.

So here's my THEORY on how I might attempt it:

270
Security+
293
294
290
291
298
299

Confused yet?  :P

Hope this helps,
Don
CISSP, MCSE, CSTA, Security+ SME
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Fri Jul 13, 2007 3:50 pm

Re: MCSE/:Security Track

Heh, well I had to re-read it a couple times to make sure I got it all, but nah, not too confused.

In fact, I originally had the same train of thought you just stated about taking the "big picture" exams (planning) before the more detailed (implementing). And I did consider starting off with 270 as I figured that one is probably the easiest of the bunch (or at least the one with which I have most experience), other than the Security+, which I thought I'd have taken by now but have been busy focusing elsewhere.

The order I placed them in was to make use of your last point. After the first 4, I'd have completed the MCSA set and after the Security+ that'd give me the Security specialization for that. Then I'd have the 3 more to fulfill the MCSE:Security requirements.

Thanks for the thoughts and comments, Don. I'll have to continue pondering on it.

Also, what would you recommend I use to study? I'm going back and forth between running the 03 Server as a VM on my main desktop, and also running a fresh XP VM as the single client. Or I may just install 03 Server on a separate computer entirely. It shouldn't have any major effects running it in a VM should it?

Heh, hey, if nothing else at least after I take and pass the first MS test I'll get MCP, right? ;D
<<

What90

Full Member
Full Member

Posts: 120

Joined: Sat Jun 09, 2007 2:23 am

Location: Syndey, Australia

Post Fri Jul 13, 2007 8:30 pm

Re: MCSE/:Security Track

Unlike Don, I did the update exams, some missed out on his pain  :)

I prefered the ISA exam to the Security+ as it's Ms premier security tool and is widly deployed these days (now part of ForeFront)

I'm a bit biased as I work with quite a few ISA boxes though. ;) It's solid firewall skills, rather than the generalised knowledge of Security+

The one thing I found is to keep in the Microsoft mindset for the duration of the exams.
I forced myself to do the two MCSE upgrades, the two security and the two Exchange exams in a three month block just to stay in the exam groove. I work with these technologies every day, but real life means that you do other stuff and it can dilute the Ms exam mindset.
It's a long haul, so this stopped me from having to re-study the more obscure pieces of the course work, and helped put forward and exam study plan with targets for exam taking days.


For the MCSA/MCSE exams, make sure you have plenty of ram in the computer then I’d suggest the following Labs set up

For the MCSE:
Two servers and two XP workstation

This lets you practice domain promotions, moving FSMO roles, assigning different server roles deploying GPO policies

Fore the MCSE:Security

Three servers and two XP workstation

You need to build multiple domains and forests plus trusts between the forests. PKI plays a solid part of the MCSE:Security understanding planning, deploying and configuring. How it hands out certificates to the different roles, revoking them and so on

If you are using vmware, take snap shots of the basic build of the server and workstation at different build stages. It’s nice to jump back to a clean stage after tweaking something you shouldn’t have that breaks everything  :o

Pull down a 120 day trial copy of Windows 2003 here:
http://www.microsoft.com/downloads/deta ... laylang=en

My other suggestion is that you print out the Preparation Guide for each exam, as some of the study books miss a topic. CertCities have good guides to what the exams are like http://certcities.com/editorial/exams/d ... asp?page=3

Good luck and book yourself a long holiday after the final exam  ;)
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Fri Jul 13, 2007 9:28 pm

Re: MCSE/:Security Track

Cool, thanks for the tips.. much appreciated :)

So running the servers through VMware shouldn't have any strange side-effects or issues for purposes of studying for the exams? Yeah, I definitely make use of the 'snapshot' feature of VMware, it's sweet.

I've got a couple copies of Server 2003. One that I already downloaded, I believe R2, and the book set that I bought also includes an R2 copy. I ended up purchasing all of the Microsoft Press self-study guides for each exam. I know Don has mentioned, as I'm sure others have, to study from multiple sources. I figured these would be a pretty good start as they're from Microsoft. I'll be sure to follow-up with that CertCities link though.

Yeah, I'm definitely not going to be able to take the tests that fast. I just don't have that amount of experience. I'll need to tackle them on an individual basis, reading through each book thoroughly and practicing just the same. If I can achieve MCSA:Security by the end of the year, I'll be happy :)

Thanks again.
<<

What90

Full Member
Full Member

Posts: 120

Joined: Sat Jun 09, 2007 2:23 am

Location: Syndey, Australia

Post Fri Jul 13, 2007 10:22 pm

Re: MCSE/:Security Track

I use VMware to simulate various production environments (thank you VMware!), so you'll be fine with using it for a small lab.

A nice note is the the virtual VM vlans are like hubs, so you can sniff the traffic for the entire test lab. Useful for future security testing!

If you are going for the slow and steady approach, I'd suggest you keep a study journal. Having your own notes to refer back to make it a lot easier to re-absorb all that info. Also make on in vmware on what you've done on each machine. It's easy to forget what you did a month ago on one of the images.

Keep us posted on your march towards MCSA:Security!
I'm sure a review of each exam for your perspective would help others.

Return to General Certification

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software