What about a Wireshark or tcpdump PCAP file with IPV6 traffic in both directions using the tunnel IPV6 or the same IPV6 IP address of explorer test?
This could be called the "DISECTOR" certification
With that test the person will have the chance to do some deep analisys on IPV6 header.
We could also do something like if there is more than one protocol (to avoid the traditional icmp only thing) than even better, lets say, a capture file with only ICMP have 1 point, HTTP 2 points, HTTPS 3 points, FTP 4 points, SSH, SMTP, POP3, IMAP, BGP, OSPF and so on (but to avoid cheating, what about enforcing that need to be from one of the ranges assigned for the Tunnel on HE of the person), if the person have native IPV6 he still can do a tunnel on IPV4 since I believe that any last mile ISP will need to have dual stack of protocols.
Could be a nice challenge, this capture should never be exposed to anyone other then HE, to avoid the risk of exposing that level of data to the underground hacking guys.
And could have a BIG disclaimer "dont use your internet bankline on that capture" heheheh