Most of the problem with certification is that the tests primarily consist of multiple-choice tests that merely test your book knowledge or very basic reasoning skills. For example, one could likely pass the CISSP or CEH with very little technical knowledge by simply reading the materials and perhaps participating in lab exercises. There of course is a bit of test-taking skill and strategy that comes into play as well.
Understanding theory in IT security (or any science for that matter) is only half of it. I think that more lab-based tests need to become part of the common testing framework. A good example is the OSCP, which is one hard-core technical test.
I've taken the CISSP, CEH, CISA, CCNA, and OSCP. OSCP, being a completely practical test, is definitely the only one that I feel truly tested skills versus "book smarts". If I'm ever in a hiring situation and I see the OSCP on someone's resume, they're going to be the first person I bring in for an interview.








OSCP - Offensive Security Certified Professional : Failed my first attempt at the OSCP exam




