Cheaters: Inside IT Certification Fraud
It All Starts with the Test
Test developers are adding new measures of security into their exams. Prometric's Meissner says innovation in test security will help curtail cheating. "There are new ways to assemble a test to incorporate security," Meissner says. "For example, a fixed form test that has 100 items would be easy to memorize. By adding item cloning, in which there are three or four variations of the test, the full test is much harder to memorize. Making the test modular creates even more variations. Even better, dynamic forms use a computer system to generate a unique test for each candidate." All of these techniques make it harder for people to memorize and regurgitate the test for profit.
Futch says Symantec is taking a bit of a "fight fire with fire" approach to exams. "Symantec uses multiple versions of a test for each certification exam, and we use stealth questions embedded in the tests to determine if people have used brain dump sites to prepare," Futch says.
Several vendors, including Microsoft, HP, Citrix and Cisco, use performance-based testing, a method that includes a hands-on portion of the test that is difficult to fake. The test taker uses a simulator or a virtual environment to perform specific actions that help him derive the answers to test questions. In addition to being a better way to judge a person's knowledge of the subject matter, performance-based exams reduce the possibility of cheating. This type of exam is more difficult and expensive to develop, but new innovations in virtualization and animation are making it easier to develop and administer the exams.
Citrix is adding a "why" element to its exams. "We have a quality initiative within our courseware development team that is focused on including the 'why' in our course content," Scalisi says. "This will help ensure that our students not only learn how to perform required tasks but why it's important as well. Going forward, our exams will likely include this, making it more difficult or impossible to memorize answers." She points out that one of the exams associated with the Citrix Certified Integration Architect (CCIA) certification track tests candidates' ability to make design related decisions and then advise why they made their decision.
Certification Is Still a Good Measure of Skills
Horzempa stresses that the certification process is still important to employers looking to hire qualified IT professionals. "The vast majority of people who have attained certifications have done so legitimately," Horzempa says. "They have studied hard and applied their experience and knowledge to prove they are experts in their field. Employers can still have confidence in using certifications as one measure in evaluating candidates for employment."
On rare occasions, people may claim to have credentials that they really don't have. "Employers can always contact a vendor directly to verify that a person holds a credential," Gregory of TrainingIndustry.com says. He compares it with verifying employment history when candidates list previous employers on a resume or application. Most certifying agencies will verify whether a person has attained the credentials he lists on his resume.
As Scalisi points out, certification that is earned legitimately validates that a person possesses the qualifications that will help him perform a job successfully. Thus it is in everyone's best interest to maintain the integrity and value of the IT certification system.
"There will be people who cheat no matter what," Horzempa adds. "To them, the risk of getting caught is worth the reward of making easy money. But there are many more honest people that might be tempted to cheat – say, by buying a 'study aid' that is really a copy of the exam – that must now ask themselves if the penalty is worth the risk. Is it really worth ruining your career and destroying your personal integrity if you get caught cheating or selling the exams? To these people, I simply say, 'Study for the test, and take it legitimately.'"