CompTIA says it is being more aggressive about catching cheaters through the use of biometric systems such as retinal and palm scans to identify test takers, as well as using remote cameras and microphones for proctoring and high-tech scanners for test materials. The organization also plans to create computer-generated exams on the fly.
"We will do a higher degree of identity management of people in a much broader sense. And we're not going to be using the arcane model of 60 people in a classroom," Terry Erdle, executive vice president for skills certifications at CompTIA, says. "We will be using technology to deliver better exams and make it so you can't cheat on them. We'll start introducing these [measures] in 2011...One of the messages we want to send is how fruitless cheating on exams is."
The GIAC Certification Program battles cheaters by using a proprietary system to manage its exams, which have randomized questions and answers.
"We have a proprietary algorithm so that each person has slightly different questions that follow the same test blueprint," explains Jeff Frisk, director of the GIAC Certification Program. "This gives us a larger number of unique instances of exams...You will not be getting the same list of questions in the same order as anyone else."
Also, once test-takers miss enough points that they can no longer pass the test, the GIAC computer system stops administering the test.
This approach allows GIAC to have a "very, very low" number of people caught cheating on exams, Frisk says.
While Frisk hasn't seen an upward tick in cheating incidents during the economic downturn, he thinks test-takers are more desperate because more of them are taking GIAC exams and failing them, over and over again. GIAC recently implemented a 15-day waiting period between exams as a result of this trend.
One suggestion for reducing the number of IT cheats is for the industry to become more professional overall. Northcutt points out that unlike doctors, lawyers or accountants, IT workers are not licensed and do not have a standard of practice or a code of ethics. Other professions have trade associations and state licensing boards to provide a level of deterrence for ethical lapses such as cheating on certification exams.
"If you go to the Defcon-type events, the attitude is it's OK to do things because you can. There's a view that just because you have a certain amount of knowhow, that lets you get away with some unethical behavior," Northcutt says. "At some point, we're going to have to hold ourselves accountable to the business as professionals."
Read more about infrastructure management in Network World's Infrastructure Management section.