Thursday, August 22, 2013

BFC2: Network Security Challenges

The BFC2: Network Security Challenges course is closely related to TGT2. My recommendation would be to take these courses back-to-back and start with TGT2.



BFC2 is the only course in my curriculum that has an objective assessment. For this special occasion I used a Kryterion camera and was proctored remotely at home.

Prior to taking the exam, you'll have the opportunity to take up to three pre-assessments. I would strongly recommend taking these. Not only will they help you identify your weak areas, but they will also help you prepare for some of the questions.

In short, the exam is not the best I've ever seen. In my professional life, I have written questions for certification exams for the technical track of a large telecommunications vendor. Prior to doing so, I was trained in the basic recommendations surrounding item writing (as this process is called). A few of the recommendations are as follows:

- multiple choice questions are either 1 out of 4, 2 out of 4 or 3 out of 5;
- scenario-based questions are always better than recall questions;
- the stem (the question) must contain enough information;
- the distractors (false answers) must be plausible, but wrong.

Without revealing details on the actual questions, I can tell you that these recommendations are not adhered to. One example is a question regarding the default settings of a networking device, without revealing the vendor or operating system. It is impossible to answer this correctly, since each device will have its own default settings, and these can even change between versions of software. Another example is a question where the OSI layers are clearly mixed up, and it looks like the item writer had no clue what the correct answer actually is.

I would strongly recommend preparing thoroughly for this exam and making sure that you read all the course material. When you take the exam, read the question a few times and keep the course material in the back of your mind. Think about what the item writer wants to hear, not what the answer to the question should be.

Here is an example (this is NOT an actual question from the exam):

Which statement is true regarding TCPdump?

A) TCPdump can only be run on a router;
B) TCPdump can only be run on an end-host;
C) TCPdump can be run on a router and an end-host;
D) TCPdump cannot be run on a router or an end-host;

The true answer here is C: there are vendors who support running tcpdump on a router (for example, Juniper). However, the course material will refer to end-hosts only. Therefore, the correct answer in the exam would be option B.

Again, I want to reiterate that this is not a question from the actual exam and is completely made up by me, but it shows a bit how tricky and out-of-date the exam is.
