Network Security Library
Javascript Feeds    RSS Feed    Security Dashboard    SearchSecurity.com
About | Contact | Advertise | Site Map
Print Printer Friendly      PDF PDF Version
intrusion detection E-mail      Save Save This

Decrypting the Different Exam and Certification Models


{LANG_NAVORIGIN} Certifications
By: Derek Melber, 04/21/2005



Virtual Exams



Virtual exams provide a virtual computer environment, which removes the limitations of simulation exams. The main limitation that the virtual exam format resolves is that the simulation exam can only mimic a portion of the entire OS. The virtual exam format not only provides the entire OS but also an entire network of OSs. This benefit allows for more of a real- world testing environment.

When the entire OS is provided, the candidate is required to know all aspects of the OS and tools that are being tested. The test is not limited to configurations, but also management, implementation, monitoring, and troubleshooting. All of these facets can be tested through the use of the real-time logs, security settings, and behavior of the OS and tools.

The structure of the exam questions will be similar to what those available in other exams, but there will be a virtual computer tab or environment that allows the candidate to work in the OS. Figure 2.6 illustrates what a virtual exam environment might look like.


Figure 2.6: Virtual exams provide the question, scenario, and virtual computers.

As you can see in Figure 2.6, the environment enables a candidate to access a real computing environment—which is a very unique testing format. There are many cases in which the candidate has access to a server and client, which provides an opportunity to deploy security settings, establish security baselines, or even use the client as an attacking computer against the server.

With each of these examples of how to use a virtual exam, you can see that the options for testing knowledge are taken to a new level. The interaction with the candidate can also be taken to the next level: These exams provide interaction with the candidate to ensure that he or she confirms that the question has been answered completely (see Figure 2.7).


Figure 2.7: These exams can provide interaction with the candidate to ensure that the candidate has approved his or her answers.

Although very thorough, this exam format is not ideal for every exam. There is a drawback to these exams from the development standpoint. These exams do take a bit of time to produce, because the grading mechanism needs to be encoded for each question. However, testing technologies have solved these problems and have produced efficient methods for exam development. The other large drawback to these exams is testing centers. Many testing centers conduct exams on outdated hardware and age-old software. Until all of the testing centers get updated hardware and software, virtual exams can only be delivered in a few testing centers throughout the country. As vendors become more confident with the ability to test by using the virtual computing environment, these exams will be popping up all around. Until then, the limitations of the current testing centers make all vendors pause to use the technology.

Keep your eyes open for an exam that uses virtual exams, because they will prove to be a quality exam. With all quality exams, the certification that is produced from it is put on a pedestal. These exams will provide a clear line in the sand, separating traditional exams and exams that provide a hands-on environment.


Hands-On Exams



At the top of the exam pyramid is the hands-on exam. These exams have proven to be the crème de la crème of the examination world. These exams provide a real-world environment and thus take longer than most exams. They are able to test more complex and detailed knowledge. For these exams, the candidate is put into a room with real computers and equipment. There is typically a proctor or two to help guide you through the exam. In some cases, the proctors might ask you to leave the room, then they will cause problems or make incorrect configurations on the equipment. You are asked to come back into the room and fix the issues. If the exam has a time limit for each task, the pressure can get extreme.

As you can imagine, there is nothing that can’t be tested with this format: a proprietary firewall, an entire network of computers, a network with Internet connectivity, or security on large equipment. As long as the computer network and devices can be made available to the candidate, the exam can be performed.

For most hiring managers and directors, this format is the best solution for testing the knowledge of potential and current employees. The barrier for these exams to provide this feedback is cost and availability. These exams can force limitations of space and location. With some equipment being large and networks requiring a lot of space, the testing environment is limited.

These exams also need to have live proctors to ensure that the hardware and software used in the exam does not fail. The proctor is also needed to help guide the candidate through the exam. These proctors typically need to be technical and in many cases need to hold the certification themselves. The cost of providing a real computing environment with certified proctors is very high. This cost is often pushed to the candidate who is trying to obtain the certification.

Unlike most traditional exams, these exams cannot be provided at the standard testing centers. Few testing centers can handle the array of OSs, hardware, and devices that would be required for the array of security topics on the market. Thus, each vendor must step up to the plate and provide the testing center or centers. With the cost of these testing centers at a premium, the vendors can’t provide “a testing center near you.” Instead, you will most likely need to travel to a testing center provided by the vendor. The cost of the transportation and lodging during your stay is typically not included in the cost of the exam.

As you can see, the hands-on exam format is ideal for thoroughly testing every situation. However, there are the drawbacks and limitations of cost and proximity. These limitations make these exams difficult to find in the mainstream exam space. Most vendors provide traditional conceptual exams for the entry-level certifications, and in some cases, the vendor will provide a high-end certification presented in the simulation or virtual exam format. The hands-on exams are left for the extreme high-end certifications. These certifications are at the top of the exam tree, and those that hold these certifications are typically in higher demand than those who do not.
















E-Mail Link

Your IP address will be sent with this e-mail
From e-mail to e-mail



Stats
10437 Views
4.4/5 Rating
5 Votes
Papers
Newest
Highest Rated
Most Viewed
Reference

Services
Javascript Feeds
RSS (New Papers)
Security Dashboard

Our Stuff
About SecurityDocs
Advertise
Contact

Valid HTML 4.01!
Valid CSS!


Unless otherwise noted, all paper copyrights are owned by the author. The rest copyright 2003-2005 TechTarget

Privacy : Contact