Q

Ensuring integrity of online cert exams

This Content Component encountered an error

I see that the SANS security certification exam can be taken at home over the Internet. This is indeed convenient. However, how does SANS ensure that it is the candidate who is answering the questions and without help from "friends." I want to take this exam but am worried that certification won't be regarded too highly because of this. Your insight on this will be very useful.


The question of "exam integrity" strikes right to the heart of the issue and is a primary motivator for many companies like Microsoft, Novell, Cisco and numerous others who require candidates to take their exams at Prometric or VUE testing centers under supervision, or like other security certifications (CISSP, CCP, etc.) offer their exams in proctored situations only at specific times and locations.

There are several ways to respond to your query:

  • Some exam providers elect to trust candidates and give them the option to "cheat" in unsupervised circumstances. The types of exams delivered in such circumstances, however, tend to be much more difficult and demanding than those given under more controlled circumstances. I believe the idea is to so overload a candidate with material, that unless the candidate is familiar and comfortable with that material, all the help (and extra materials) in the world won't enable them to complete the exam successfully anyway.

  • Nearly every certification program in general, and every security certification program I know of, includes a "Code of Ethics" as part of its requirements for would-be certificants. Item # 1 in the SANS NDA and Code of Ethics reads as follows:

    "1. I understand that the requirements for GIAC certification must be completed in full by me and me alone as the certification candidate. I further understand that all work submitted must be my own, and not developed by or in conjunction with other individuals or GIAC candidates. I declare that all of my work is original, and where I may have referenced the work of others, that work is clearly identified, credited, and used with appropriate permission."

    So, if somebody cheats or works with others, they are in violation of the code. If they get caught, they lose their certification.

    While it's true that not many certification programs work this way, I do not think this approach reflects negatively on the SANS credentials. I have not heard or read about them being questioned on the bases of fairness, accuracy or integrity anywhere in the media or newsgroups that I follow, either.

    If you're interested in SANS certification, don't let this characteristic stop you from pursuing those interests.


    For more information on this topic, visit these other searchSecurity resources:
    Best Web Links: Infosec Training, Careers and Events
    Executive Security Briefing: Revisiting the security certification landscape
    Featured Topic: Security certifications


  • This was first published in February 2002

    Dig deeper on Security Industry Certifications

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close