But IBT isn't always a good fit. It requires significant bandwidth, and some testing centers, particularly in overseas locations where the most intellectual property theft occurs, don't have enough to reliably deliver tests in that way, Addicott says.
-- Robert L. Mitchell
That process can present an expensive challenge, however, because organized theft rings can compromise entire tests within three to five weeks of when they're first released, while most IT certification exams are refreshed every 12 to 15 months, Addicott says.
Kainraith admits that's a problem, but he thinks that questions take a bit longer to appear on brain-dump sites, and says CompTIA replaces tests at a rapid pace. "We're able to churn our items a lot faster than 12 to 15 months," he says, although he declined to say how fast.
While CompTIA has the scale and resources to turn over its test questions more quickly, smaller IT certification programs are more limited because the cost of building and maintaining tests ranges from hundreds of dollars per question to thousands of dollars per test item, according to Caveon.
Countermeasures: Tripping up the cheats
Catching cheaters has become its own science. "More candidates are sharing knowledge than we've seen in the past," says Kainrath. But both test centers and IT certification owners have ways of figuring out who's using stolen and shared test data, as well as who might be coming in to steal it.
In addition to using live proctors, Microsoft and others are moving toward online proctoring, which combines the use of a video camera with a live feed of the test taker's screen. While an online proctor is limited by what he can see on a video camera, it's easier to take immediate action against cheaters, Grieve says. Because they can look for suspicious activity at the question level, online proctors can identify cheating sooner and end the test before the candidate can see — and possibly compromise — the rest of the exam content.
How test centers stop cheaters
- Use live and/or online proctors trained to spot suspicious activity
- Ban all electronic devices from the test room
- Perform forensic analysis of the test results to detect "anomalous" behavior that might indicate cheating
- Use "Trojan horse" questions or other innovative test designs that tip off test program managers that the candidate studied stolen test content
- Identity validation with photo ID, digital signatures, biometrics; photograph the subject and include it on the test report to thwart proxy test takers
- Randomize order of multiple-choice test questions and answers
- Use multiple exam versions containing completely different questions
- Use scenario-based questions that require that the candidate perform an action by interacting with a simulation, rather than answering a multiple choice question
- Use adaptive testing that varies each successive question based on the answer given to the previous one and stops the test as soon as proficiency is determined
Sign up for CIO Asia eNewsletters.