L10.1 — Exam instructions and format
Type: Reading · Duration: ~5 min · Status: Mandatory before exam
Read this carefully. Once you start the exam, treat it as a timed assessment.
Format
- 50 questions.
  - 40 single-answer multiple choice (4 options, pick one).
  - 10 scenario-based (short scenario, then one best-answer question).
- Pass mark: 75% — that's 38 of 50 correct.
- Time limit: 90 minutes total.
  - Target: ~60 minutes of actual work.
  - The extra 30 minutes is buffer for re-reading scenarios. Don't waste it on questions you don't know — flag and move on.
Allowed during the exam
- A blank scratchpad (paper or digital).
- Course modules only for concept reminders — e.g., "what's the difference between extraction and inversion." Not for searching the exact phrase of a question, which won't work anyway because the questions are conceptual.
- Standard developer tools (terminal, calculator).
NOT allowed
- Asking another person.
- Asking an LLM the exam question (we trust you on this — the certificate is worthless if you didn't earn it).
- Saving the questions to share elsewhere (these are copyrighted course material).
Scoring
- Each correct answer: 1 point.
- No partial credit. No penalty for wrong answers — always guess if you don't know.
- Total possible: 50 points.
- Pass: ≥ 38.
Attempts and retake policy
- 2 attempts permitted per enrollment.
- 7-day cool-down between attempt 1 and attempt 2 — use the time to revisit weak modules.
- Both attempts use the same item bank, but the LMS will shuffle question order and option order to discourage answer memorization.
- If you fail attempt 2, you have two options:
  - Re-enroll at a discounted rate (50% off, one time).
  - Capstone-only review path — submit capstone artifacts to a senior reviewer (paid add-on); if the reviewer assesses your work as Acceptable across all four deliverables, you earn the certificate without passing the written exam. This path exists because capstone-quality work is itself a credible demonstration of competence.
How the exam is structured
The 50 questions are organized roughly in module order (M0 first, M8 last), with the 2 cross-module scenario items mixed in around questions 30 and 45. This means: easier questions tend to come first. Don't get psyched out if the last 15 feel harder — they are.
Within each module's block:
- The first questions are conceptual ("what is X?", "which of these is an example of Y?").
- Later questions in the block are applied ("you observe X in production logs; what's the most likely cause?").
- Scenario questions are short — 3–5 lines of context, then a single best-answer question.
Answering technique
Some strategies that work for this exam:
- Pass 1 — Speed: Answer everything you know on sight. Flag the rest. Aim for ~30 minutes.
- Pass 2 — Reasoning: Return to flagged questions. Eliminate obviously wrong options first, then choose the most defensible.
- Pass 3 — Sanity: Skim everything. Look for misread questions ("which is NOT..." traps especially).
- Submit with time to spare — exam stress causes more wrong answers than ignorance.
When you're stuck:
- If two options seem right, look for the one that's more specific or more directly addresses the question.
- If a scenario gives you a detail (e.g., "the model is deployed in the EU"), that detail is there for a reason.
- "All of the above" is correct more often than learners expect — but not always.
- "None of the above" is correct less often than learners think.
What this exam is testing
This exam is not testing memorization. It's testing whether you can:
- Recognize an attack from its signature.
- Pick the right defense for a given threat.
- Map a real situation to a framework category (OWASP, ATLAS, NIST, EU AI Act).
- Make a defensible judgment call when there's no single textbook answer (the scenario questions).
If you can do those four things, you'll pass.
Ready?
When you're ready, open L10.2 and start a 90-minute timer.
Take a breath. You built the skills across nine modules. The exam is the proof point. Good luck.