WGU Introduction-to-Cryptography Dumps

In AES, the number of rounds is explicitly tied to the key length. AES-128 uses 10 rounds, AES-192 uses 12 rounds, and AES-256 uses 14 rounds. The purpose of additional rounds is to increase diffusion and confusion, strengthening resistance against cryptanalysis as the key schedule and state transformations iterate more times. Although key length primarily affects brute-force resistance, AES’s designers and standardization parameters link longer keys with more rounds to maintain security margins across variants, especially considering differences in the key schedule structure. Thus, as key length increases from 128 to 192 to 256 bits, the number of rounds increases correspondingly from 10 to 12 to 14. This relationship is fixed by the AES specification and does not vary dynamically at runtime. Therefore, the correct correlation is that the number of rounds increases as the key length increases.

Web browsers rely on PKI to establish trust in secure connections, primarily through X.509 certificates and a built-in set of trusted root Certificate Authorities (CAs). When a browser connects to an HTTPS site, the server presents a certificate chain. The browser validates that chain up to a trusted root, checks that the certificate is valid for the domain (SAN/CN matching), confirms validity dates, and may check revocation status. This PKI process allows browsers to authenticate the website’s identity and negotiate encrypted session keys for TLS, enabling confidentiality and integrity for the connection. In practical terms, the browser’s PKI components include certificate stores, validation logic, and mechanisms for handling intermediates, trust policies, and revocation. While PKI supports authentication as an outcome, the best description of how browsers utilize PKI is that they manage and validate digital certificates and associated keys to establish trust. PKI is not about compressing messages or encrypting data at rest; it is about identity binding and trust chains that make secure web communication possible.

When software is digitally signed, the organization computes a cryptographic hash (digest) of the software (or its manifest) and then signs that digest using the organization’s private key. Verification works in the opposite direction: the customer (verifier) uses the organization’s public key to validate the signature and recover/confirm the signed digest, then independently hashes the received software and compares the result. If the digests match and the signature validates under the public key, the customer has strong assurance that the software has not been altered since it was signed and that it was signed by the holder of the corresponding private key. The customer never needs the organization’s private key—sharing it would destroy security and enable forgery. Likewise, the customer’s own keys are irrelevant to verifying the publisher’s signature. The organization’s public key is typically delivered inside a certificate chain (code signing certificate) so the verifier can also validate publisher identity and trust. Therefore, the customer uses the organization’s public key for signature verification (often described as “decrypting” the signed digest).

AES by itself is a symmetric block cipher that provides confidentiality, but not guaranteed integrity unless used in an authenticated mode. To protect integrity of the plaintext (ensuring it has not been altered), a Message Authentication Code (MAC) can be applied. In the classic Encrypt-then-MAC pattern, the sender encrypts the plaintext with AES and then computes a MAC (often HMAC-SHA-256 or CMAC-AES) over the ciphertext (and relevant headers). The receiver verifies the MAC before attempting decryption, preventing tampering and many padding-oracle style vulnerabilities. Alternatively, AES can be used in an AEAD mode like AES-GCM, which produces an authentication tag serving a similar purpose, but among the listed options the general integrity mechanism is “MAC.” RC4 is an unrelated stream cipher and does not provide integrity. RSA is asymmetric and not the standard integrity add-on for AES-encrypted bulk data. Kerberos is an authentication protocol and key distribution system, not a message integrity primitive. Therefore, to protect plaintext integrity when using AES, the correct mechanism is a Message Authentication Code.

ECB (Electronic Codebook) mode encrypts each block independently with the same key, which makes it naturally amenable to parallel processing: multiple blocks can be encrypted or decrypted simultaneously because there is no chaining dependency between blocks. This is in contrast to CBC encryption, where each plaintext block is XORed with the previous ciphertext block, creating a dependency that prevents straightforward parallelization of encryption (though CBC decryption can be parallelized because ciphertext blocks are already known). Feedback modes like CFB and OFB generate keystream material sequentially, where each step depends on the previous state, limiting parallelism. While ECB’s parallelism is an implementation advantage, it is widely discouraged for most real data because it leaks patterns—identical plaintext blocks produce identical ciphertext blocks. Modern systems prefer parallel-friendly and secure modes such as CTR or GCM, but among the listed options, the mode most known for parallel processing is ECB due to block independence. Therefore, the correct answer is Electronic Codebook (ECB).

3DES (Triple DES) applies the DES block cipher three times to increase effective security, and its commonly cited valid key sizes correspond to how many independent DES keys are used. Two-key 3DES uses two 56-bit DES keys (K1 and K2) in an EDE sequence (Encrypt with K1, Decrypt with K2, Encrypt with K1), yielding 112 bits of keying material (ignoring parity bits). Three-key 3DES uses three independent 56-bit keys for a total of 168 bits of keying material, but that option is not listed here. A 56-bit key corresponds to single DES, not 3DES. 128-bit is associated with AES, not 3DES. 2,048-bit is typical for RSA keys, not symmetric ciphers. Therefore, among the choices provided, 112-bit is a valid 3DES key size. While 3DES is now deprecated for many uses due to its 64-bit block size and performance limitations, understanding its keying options remains important for legacy system assessment.

Modular arithmetic is the mathematics of working with remainders after division by a fixed number called the modulus. In cryptography, it underpins many core constructions because it defines arithmetic in finite sets (rings and fields) where values “wrap around,” enabling stable, repeatable operations with bounded results. Public-key systems like RSA rely on modular exponentiation (raising integers to powers modulo a composite number), while Diffie–Hellman and many elliptic-curve schemes operate in groups defined by modular arithmetic properties. Encryption and key exchange use modular operations because they allow efficient computation forward (e.g., exponentiation modulo a large number) while making certain inverse problems computationally hard without secret information (e.g., factoring or discrete logarithms). Modular reduction also helps keep intermediate values manageable and supports group properties needed for proofs of security. Although modular arithmetic is not “encryption by itself,” it is a foundational method used inside encryption algorithms and protocols. Therefore, among the options, describing it as a method used for encryption via modular operations best matches cryptographic usage.

IPsec’s initial key exchange is commonly performed using IKE (Internet Key Exchange), which negotiates Security Associations (SAs), authenticates peers, and establishes shared keys for ESP/AH protection. The traditional and default transport for IKEv1 and IKEv2 is UDP port 500. During negotiation, peers exchange proposals (crypto suites), perform Diffie–Hellman to derive key material, and authenticate using pre-shared keys, certificates, or EAP methods. If a firewall blocks UDP 500, the IKE negotiation cannot begin, preventing IPsec tunnels from forming. In many real deployments, NAT traversal is also used; in that case, traffic typically shifts to UDP 4500 (NAT-T) after detection of NAT, but UDP 500 is still required for the initial exchange and NAT detection in many configurations. TCP 500 is not standard for IKE. Port 443 is associated with HTTPS/TLS and some SSL VPNs, not IPsec IKE. Therefore, among the options provided, the firewall must allow UDP 500 for IPsec key exchange to succeed.

OTP systems (such as HOTP and TOTP) generate a sequence of passwords using a shared secret and a moving factor (counter or time). The critical secret that underpins the ability to compute past or future OTP values is the seed (also called the shared secret key). In HOTP, the seed is used with an HMAC function and an incrementing counter; in TOTP, the seed is used with HMAC and a time-step value. If an attacker obtains the seed and knows the algorithm and moving factor, they can compute future OTPs. The “function” and “encryption algorithm” are typically standardized and public; security relies on keeping the seed secret. An initialization vector is not a standard OTP component in HOTP/TOTP generation. Therefore, the component needed to predict future OTP values is the seed. Protecting the seed is essential: it should be stored securely (e.g., hardware token secure storage) and transmitted only through controlled provisioning processes. If compromised, OTP becomes predictable and no longer serves as a strong second factor.

Skipjack is a symmetric block cipher historically associated with the Clipper chip initiative. Its defining parameters match the question: it operates on 64-bit blocks and uses an 80-bit key. The other options do not fit those exact sizes. Twofish is a 128-bit block cipher with key sizes up to 256 bits. Blowfish is a 64-bit block cipher, but its key size is variable from 32 up to 448 bits and is not fixed at 80 bits as a defining property. Camellia is a 128-bit block cipher with key sizes of 128, 192, or 256 bits. Skipjack’s smaller key size and legacy design make it unsuitable for modern security needs, but the question is purely about identifying the algorithm that matches an 80-bit key and 64-bit blocks. Therefore, the correct answer is Skipjack.

For Bitcoin, transactions are confirmed by inclusion in blocks, and the network targets an average block interval of about 10 minutes. That means transactions are “added” to the Bitcoin blockchain approximately every 10 minutes in the sense that a new block containing a batch of transactions is appended at that cadence. The 10-minute target is achieved by a difficulty adjustment mechanism that recalibrates mining difficulty roughly every 2016 blocks, aiming to keep the average interval stable despite changes in total network hash power. It is important to note that this is an average: blocks can be found faster or slower in the short term due to the probabilistic nature of proof-of-work mining. Other blockchains have different block times (seconds to minutes), but the question’s options and typical curriculum context align with Bitcoin’s 10-minute design. Therefore, the correct choice is approximately every 10 minutes.

The value 51 mod 11 is the remainder after dividing 51 by 11. Modular arithmetic is widely used in cryptography to keep computations within a finite set of residues, such as in RSA where values are taken modulo n, or in Diffie–Hellman where exponents and group elements are reduced modulo a prime. To compute 51 mod 11, find the largest multiple of 11 less than or equal to 51. Multiples of 11 are 11, 22, 33, 44, 55. The closest without exceeding 51 is 44. Subtracting gives 51 − 44 = 7, so the remainder is 7. Therefore, 51 mod 11 = 7, matching option “07.” This remainder is always in the range 0 through 10 because the modulus is 11. Such residue computations underpin the “wraparound” behavior that makes modular exponentiation and inverse computations well-defined in cryptographic groups.

To ensure confidentiality so that only the intended recipient can decrypt an email, the sender must encrypt in a way that only the recipient can reverse. In public key cryptography, that means encrypting with the recipient’s public key. The recipient is the only party who should possess the matching private key, so only they can decrypt the ciphertext. This pattern is fundamental to PKI-based secure email systems such as S/MIME and OpenPGP: the sender looks up or is provided the recipient’s certificate/public key, encrypts the message (often by encrypting a randomly generated symmetric session key with the recipient’s public key), and the recipient uses their private key to recover the session key and decrypt the content. Encrypting with the sender’s private key would not provide confidentiality; it resembles signing because anyone with the sender’s public key could “decrypt” it. Encrypting with a private key of the recipient is also incorrect because private keys are not shared and should never leave the recipient’s control. Therefore, the correct key to encrypt the message so only the friend can decrypt it is the recipient’s public key.

A cryptographic policy defines how encryption, keys, certificates, and integrity mechanisms are used and managed across an organization. During incident response, that policy becomes a playbook for making safe, consistent decisions under pressure. It can specify how to rotate or revoke compromised keys, how to validate and reissue certificates, how to preserve evidence integrity with hashing, and how to securely communicate sensitive incident details (e.g., using approved encrypted channels). It can also define backup encryption requirements and key escrow or recovery procedures, enabling secure data recovery without exposing protected data. Policies typically outline roles and responsibilities (who can access keys, who can approve rekeying), logging requirements, and escalation steps—reducing confusion and preventing ad hoc crypto changes that might worsen exposure. The goal is not to limit encryption; it is to ensure cryptography is used correctly to contain and remediate incidents. Therefore, providing guidelines for secure recovery and communication is the correct contribution of cryptographic policy to incident response.

NIST’s lightweight cryptography effort targets environments like IoT and embedded systems where CPU, memory, energy, and bandwidth are constrained, yet strong security is still required. Ascon is an authenticated encryption with associated data (AEAD) family designed to be efficient in both hardware and software with small footprint, making it well-suited for constrained devices. NIST selected Ascon because it offers a strong security design with good performance and implementability under tight resource budgets, while providing modern protections (confidentiality + integrity) through AEAD. That aligns with option C: secure and efficient encryption for resource-constrained devices. The selection was not primarily about authenticating users (that is typically handled by protocols and identity systems, not an AEAD primitive). It was also not mainly about legacy compatibility; lightweight cryptography aims at new and constrained deployments rather than preserving outdated stacks. And while Ascon can certainly be used to protect data at rest, that is only one application; the core reason for the choice is its suitability for constrained environments and robust, efficient authenticated encryption.

Bitcoin’s proof of work (PoW) is designed so that finding a valid block is computationally difficult, but checking validity is computationally easy. Miners must repeatedly hash candidate block headers (double SHA-256) with different nonces until they find a hash value below a network-defined target. This trial-and-error search requires significant work and energy because the probability of success per attempt is extremely low at current difficulty levels. However, verification is straightforward: any node can hash the block header once (or a small number of times) and confirm the resulting hash meets the target threshold and that the block contents follow protocol rules. This “hard to produce, easy to verify” property is essential: it makes it expensive for attackers to rewrite history or outpace honest miners, while allowing all participants—even low-power devices—to validate blocks efficiently. Therefore, the primary characteristic of Bitcoin proof of work is that it is difficult to produce and easy to verify.

When securely distributing a symmetric key over an untrusted network, a common approach is hybrid cryptography: use asymmetric cryptography to protect the symmetric key, then use the symmetric key for bulk encryption. To ensure only Employee B can recover the symmetric key, Employee A encrypts (wraps) that symmetric key using Employee B’s public key. Because only Employee B should possess the matching private key, only B can decrypt the wrapped symmetric key. This is the same principle used in TLS key exchange (in older RSA key transport) and in secure email: encrypt the session key to the recipient’s public key. Encrypting the symmetric key with Employee A’s private key would not provide confidentiality—anyone with A’s public key could reverse it, and it functions more like a signature than encryption. Employee B’s private key should never be shared and is used only by B to decrypt. Therefore, for confidentiality of the shared symmetric key, the correct encryption key is Employee B’s public key.

Asymmetric cryptography uses a public/private key pair where different keys are used for related operations (encryption/decryption or signature/verification). Elliptic-Curve Cryptography (ECC) is a family of asymmetric algorithms built on the mathematics of elliptic curves over finite fields. ECC supports key exchange (ECDH), digital signatures (ECDSA/EdDSA), and other primitives with smaller key sizes for comparable security to traditional discrete-log or RSA systems (e.g., a 256-bit ECC key is often comparable in security to a 3072-bit RSA key, depending on scheme and parameters). By contrast, SHA-256 is a cryptographic hash function (one-way digest), and HMAC is a keyed integrity/authentication construction built from a hash function—neither is encryption. DES is a symmetric block cipher (same key for encryption and decryption). Therefore, the example of asymmetric encryption among the options is ECC.

Bit-flipping exploits target encryption modes or protocols that do not provide strong integrity, allowing attackers to modify ciphertext so that predictable changes occur in plaintext after decryption. To defend against this, protocols add an integrity mechanism that detects tampering. In WPA (including enterprise deployments), TKIP introduced a Message Integrity Check (MIC) called “Michael.” The MIC is computed over the frame contents (with additional fields) and verified by the receiver; if an attacker flips bits in transit, the MIC verification fails, and the frame is rejected. While AES (used by WPA2’s CCMP) also provides integrity via authenticated encryption, the option presented that directly names the tamper-detection mechanism associated with guarding against bit-flipping is MIC. A pre-shared key is an authentication/keying method (and not enterprise-mode anyway), and a “global encryption key” would be the opposite of what you want—global/static keys worsen security. Therefore, the intended mechanism that mitigates bit-flipping by detecting unauthorized modifications is the Message Integrity Check.

Data integrity means ensuring that information has not been modified without authorization. Digital signatures are a core cryptographic technique that provides integrity by binding a message (typically its hash) to the signer’s private key. The signer creates a signature over the message digest; the verifier checks it with the signer’s public key and recomputes the digest. Any change to the message alters the digest and causes verification to fail, revealing tampering. Digital signatures also support authenticity (verifying the signer) and can contribute to nonrepudiation under proper key-management and policy controls, but integrity is a primary guarantee they deliver. “Authentication” is broader and can be achieved by other means, but it is not as directly tied to integrity as signatures in this option set. “Non-repudiation” is an outcome/goal rather than a standalone integrity technique. “Steganography” hides the existence of data and does not inherently protect integrity. Therefore, among these options, digital signatures are the best cryptographic technique for ensuring data integrity.

DER (Distinguished Encoding Rules) is a binary encoding format used to represent ASN.1 structures in a canonical, unambiguous way. X.509 certificates are defined using ASN.1, and DER provides a strict subset of BER (Basic Encoding Rules) that guarantees a single, unique encoding for any given data structure. That “unique encoding” property is important for cryptographic operations such as hashing and digital signatures, because different encodings of the same abstract data could otherwise produce different hashes and break signature verification. In contrast, PEM is not a binary encoding; it is essentially a Base64-encoded text wrapper around DER data, bounded by header/footer lines (e.g., “BEGIN CERTIFICATE”). PKI is an overall framework for certificate issuance, trust, and lifecycle management—not an encoding. RSA is an asymmetric algorithm used for encryption/signing, not a certificate encoding format. Therefore, the binary-based certificate encoding process among the options is DER.

CBC mode introduces dependency between blocks to prevent the pattern leakage seen in ECB. It starts with a random (or unpredictable) IV for the first block. Before encrypting block 1, CBC XORs plaintext block 1 with the IV, then encrypts the result. For block 2 and onward, CBC XORs each plaintext block with the previous ciphertext block before encryption. This chaining means that changing one plaintext block affects that block’s ciphertext and also influences the next block’s computation. The IV ensures that encrypting the same message twice under the same key produces different ciphertexts (assuming a fresh IV). Option A (ECB) has no IV or chaining. OFB and CFB are feedback modes that effectively generate a keystream; they do use an IV, but the “uses the result to encrypt the next block” wording most directly matches CBC’s ciphertext-chaining description in standard teaching. CBC still requires integrity protection (e.g., HMAC or an AEAD mode) because it can be malleable without authentication. Therefore, the correct mode is Cipher Block Chaining (CBC).

Breaches tied to poor cryptographic practices often stem from preventable issues: outdated algorithms, weak key management, misconfigured TLS, missing integrity checks, hard-coded secrets, unrotated keys, or improper certificate validation. A key lesson is that organizations must proactively identify and prioritize these risks—exactly what comprehensive risk assessments are designed to do. Effective risk assessment inventories cryptographic assets (keys, certificates, protocols), maps them to business processes, evaluates threats (e.g., MITM, data exfiltration, supply-chain tampering), and finds gaps between current controls and best practices. It also helps ensure crypto decisions align with real-world risk, compliance requirements, and operational constraints. The other options are explicitly wrong: training is relevant because many crypto failures are implementation/configuration errors; audits and updates are essential because cryptographic guidance evolves; and security cannot be “secondary” without increasing breach likelihood and impact. Therefore, the most defensible lesson is that comprehensive risk assessments are vital for identifying vulnerabilities before attackers exploit them.

A true random number generator (TRNG) draws randomness from physical phenomena that are inherently unpredictable and not algorithmically reproducible. Because of this, it is nondeterministic: you cannot feed it the same “input” and expect the same output stream. TRNGs are often slower than PRNGs because they depend on collecting entropy from hardware sources and may require conditioning to remove bias. This aligns with option B: slow and nondeterministic, producing different results even under similar or repeated conditions. Option A describes a deterministic PRNG, where identical seeds yield identical sequences. Option C is unrelated; factorization is a hard math problem used in cryptography (e.g., RSA security assumptions), not a randomness generator definition. Option D describes a counter, which is deterministic and not random. In secure systems, TRNG output may seed a cryptographically secure PRNG to provide both unpredictability and high throughput; but the defining characteristic of a TRNG is nondeterminism from physical entropy. Therefore, option B is correct.

The NOBUS (Nobody But Us) principle is a controversial security notion suggesting that it is possible to introduce or maintain an access capability (often framed as a “backdoor” or exploitable weakness) that is effectively usable only by the party that designed it—typically a government or specific organization—while remaining infeasible for everyone else to exploit. In practice, NOBUS is invoked in debates about lawful access, surveillance, and exceptional access mechanisms: proponents claim that sophisticated entities can keep exploitation techniques secret and complex enough that adversaries cannot replicate them. Critics argue that this assumption is fragile because vulnerabilities can be independently discovered, reverse engineered, leaked, or eventually exploited as tools and knowledge spread. Moreover, once a weakness exists, it becomes a systemic risk: software and cryptographic systems are widely deployed and adversaries can invest heavily in finding and weaponizing the same flaw. Modern security engineering generally favors eliminating known weaknesses rather than relying on secrecy or assumed asymmetry of capability. Therefore, the best description of NOBUS is that a vulnerability is believed to be so difficult to exploit that only its creator can exploit it.

OCSP is the primary online alternative to CRLs for checking whether a certificate has been revoked. With a CRL, a relying party periodically downloads a list of revoked certificate serial numbers published by the issuing CA (or CRL distribution point). That approach can be bandwidth-heavy, introduces latency between revocation and client awareness, and can result in clients using stale revocation data if updates are infrequent. OCSP improves this by allowing a client (or a server on the client’s behalf) to query an OCSP responder in near real time about the status of a specific certificate (good, revoked, or unknown). In practice, many TLS deployments use OCSP stapling, where the server periodically fetches a signed OCSP response from the CA’s responder and “staples” it to the TLS handshake, reducing client-side network calls and improving privacy (the CA doesn’t learn which site the client is visiting). Thus, OCSP provides a more timely, certificate-specific revocation status mechanism than CRLs while preserving the CA’s signed assurance.

A cryptography framework provides a consistent, repeatable way to select, deploy, and manage cryptographic controls across an organization. Its key benefit is structure: it defines approved algorithms and key sizes, acceptable modes of operation, key management rules (generation, storage, rotation, revocation, backup), certificate handling, and secure protocol configurations (e.g., TLS settings). This reduces ad hoc implementations that often lead to vulnerabilities such as weak ciphers, key reuse, improper randomness, or missing integrity protections. A framework also clarifies roles and processes—who can access keys, how secrets are audited, and how exceptions are handled—improving governance and operational reliability. Importantly, it does not guarantee perfect security; no framework can eliminate all risk, and secure outcomes still depend on correct implementation, monitoring, and maintenance. It also does not eliminate the need for training; human error is a major source of crypto misconfiguration. While frameworks help with compliance, they are not solely about regulation; they are about sound security engineering and lifecycle management. Therefore, the primary benefit is providing a structured approach to implementing encryption practices.