IT Security Blog

Your source for information security news and views.

CISSP Online Exam Format: Pro & Con

Posted by Brian Edmiston
Brian Edmiston
Brian Edmiston has not set their biography yet
User is currently offline
on Wednesday, 20 June 2012 in Uncategorized

A lot of attention has been given to the new computer-based testing (CBT) exam format for CISSP® certification. This may be merited. There is an ongoing debate about the integrity of the exam itself when delivered in such an environment and the possible repercussions to the quality of the credential itself.

The concern over whether or not this delivery method could make it difficult to control fraud is of primarily importance. Is it possible that someone other than the actual candidate take the exam? What methods are being used to prevent this?

Also, can the questions be compromised so the students can prepare for the exam without mastering all of the core subject matter?

Questions such as these abound when moving to an electronic exam format, but the suppliers of online testing systems indicate that they have thought of ways to bring safeguards to the table. In fact, PearsonVUE pioneered using biometric identification for test taker authentication over ten years ago, and in recent years deployed Fujitsu’s PalmSecure biometric identification technology to over 500 PearsonVUE test facilities worldwide. More recently they introduced one-to-many (1:N) matching to provide an enhanced layer of fraud prevention, utilizing the SensoBrain distributed biometric acceleration technology which compares each test taker’s biometrics to those of everyone else in a client’s testing program, ensuring that any potential fraudulent testing based on impersonation can be proactively eliminated before it occurs.

While the move to a CBT format will obviously be a huge cost saving measure for most test-takers, who historically have had to travel some distance to take these exams, there are increasing concerns about brain dumping, causing potential brand erosion of the “elite” certification. While some argue that (ISC)2 has done an excellent job against brain dumps to-date, by retiring their questions quickly, others believe that taking the exam from a paper to an online format will degrade its value and relegate it to the level of other lower level security certs.

What are your thoughts on the pros/cons of the change in delivery for the CISSP exam?

Download our most recent IT Security Briefing  (An IP3 White Paper):  A Face-Lift for CISSP Exams - June 2012 - [Download PDF]

Brian Edmiston has not set their biography yet

Comments

Timothy Horn
Timothy Horn has not set their biography yet
User is currently offline
Timothy Horn Thursday, 21 June 2012

CAT = no going back to previous questions?

Nice write up regarding the exam face-lift.

Correct me if I am wrong but, if they do move to CAT, that will mean that we will no longer be able to go back to previous questions. Marking questions and going back to them will no longer be a viable exam strategy.

I may be missing something, so I may be wrong.

Regards,

Tim

Brian Edmiston
Brian Edmiston has not set their biography yet
User is currently offline
Brian Edmiston Tuesday, 26 June 2012

To CAT, or Not CAT

Hi Tim,

Thanks for your response. We contacted PearsonVUE to find out the testing methodology being used for the CISSP exam. PearsonVUE was provided with a standard reply by (ISC)2, and confirmed with us, that the CISSP exam is NOT an adaptive online exam. Therefore, you CAN go back and review questions.

Timothy Horn
Timothy Horn has not set their biography yet
User is currently offline
Timothy Horn Wednesday, 27 June 2012

Thanks for the follow up Brian

I appreciate it.

Please login first in order for you to submit comments