WGU D334 Introduction To Cryptography OA PRACTICE TEST 2025/2026 COMPLETE QUESTIONS BANK WITH VERIFIED CORRECT ANSWERS|| 100% GUARANTEED PASS <RECENT VERSION>

WGU D334 Introduction To Cryptography OA PRACTICE TEST 2025/2026 COMPLETE QUESTIONS BANK WITH VERIFIED CORRECT ANSWERS|| 100% GUARANTEED PASS &lt;RECENT VERSION&gt; 1. Playfair Cipher - ANSWER Uses a 5x5 grid built from a secret phrase with no repeating letters (e.g., "napierrun") 2. Playfair Grid Note - ANSWER The letters "I" and "J" are treated as the same letter to maintain the 25-letter grid 3. Homophonic Substitution Cipher - ANSWER Replaces each plaintext letter with multiple possible cipher texts to disguise frequency patterns 4. Little Endian - ANSWER A memory storage format where the least significant byte is stored at the lowest memory address 5. Systems Using Little Endian - ANSWER Most PC systems with Intel processors follow the Little Endian architecture 6. Big Endian - ANSWER A memory storage format where the most significant byte is stored at the lowest memory address 7. Systems Using Big Endian - ANSWER Commonly used in IBM z/Architecture mainframes 8. Integer - ANSWER A number that can be positive or negative with no fractional part (e.g., -3, 0, 7) 9. Rational Number - ANSWER A number that can be expressed as a fraction, such as ¾ 10. Real Number - ANSWER Includes both integers and rational numbers (e.g., 2.3) 11. Prime Number - ANSWER A positive integer greater than 1 that is only divisible by 1 and itself 12. Natural Number - ANSWER A positive integer used for counting (e.g., 1, 5, 16) 13. Example of Overlap - ANSWER A number like 3 is both a natural number and a prime number 14. XOR (Exclusive OR) - ANSWER Outputs 1 only if one of the bits is 1, not both. Otherwise, the result is 0 (e.g., 11010 XOR 01011 = 10001) 15. OR - ANSWER Outputs 1 if at least one of the bits is 1. Only outputs 0 when both bits are 0 (e.g., 11111 OR 01011 = 11111) 16. AND - ANSWER Outputs 1 only if both bits are 1. Otherwise, the result is 0 (e.g., 10010 AND 01011 = 00010) 17. Mod Operator - ANSWER Provides the remainder of an integer division. Common in prime-based operations (e.g., 17 mod 5 = 2) 18. Shift Operators - ANSWER Moves bits left or right (rotation), altering the bit pattern. For example, 1010 shifted left becomes 1000 19. PRNGs (Pseudo-Random Number Generators) - ANSWER Repeats the random numbers after a given time (periodic); they are fast and deterministic 20. TRNGs (True Random Number Generators) - ANSWER Use real-world randomness (e.g., mouse movements) for true unpredictability 21. Monoalphabetic Cipher - ANSWER A substitution cipher where each plaintext letter is always replaced with the same corresponding ciphertext letter (e.g., Caesar cipher with A → D)nn 22. Polyalphabetic Cipher - ANSWER A cipher that uses multiple alphabets to encode the plaintext, making it harder to crack (e.g., Vigenère cipher) 23. Enigma Cipher Machine - ANSWER A polyalphabetic cipher that didn't repeat within a reasonable time and used a secret key; weakness: a letter could never encrypt to itself 24. Asymmetric Encryption - ANSWER Uses a public key to encrypt and a private key to decrypt; enables secure sharing without exchanging secrets 25. Public Key - ANSWER Freely distributed; used to encrypt messages in asymmetric encryption 26. Private Key - ANSWER Kept secret; used to decrypt messages in asymmetric encryption 27. Symmetric Encryption - ANSWER Uses a single shared key to both encrypt and decrypt data 28. Shared Secret Key - ANSWER The term used to describe the one key used in symmetric encryption 29. Frequency Analysis - ANSWER Analyzes cipher text to identify patterns and compare them to standard English character frequencies 30. Cryptography - ANSWER The science of keeping information secret by converting data into a secure format using algorithms 31. Cryptanalysis - ANSWER The art of breaking or cracking cryptographic protections through algorithm analysis 32. Cryptology - ANSWER The study and practice of both cryptography and cryptanalysis 33. Plaintext - ANSWER A human-readable, unencrypted message used as input before encryption or after decryption 34. Ciphertext - ANSWER An unreadable, encrypted message produced after applying an encryption algorithm to plaintext 35. RSA leverages - ANSWER the fact that products of large prime numbers are difficult to factorize as basis of its encryption. 36. Homomorphic Encryption - ANSWER can perform mathematical operations on ciphered values i.e., before decryption. 37. RSA has a heavy overhead - ANSWER on processor loading and is not well suited for embedded systems (as the power drain can be high, along with heavy requirements for processing and memory). 38. An improved solution over RSA is - ANSWER Elliptic Curve which is often used in key exchange methods (such as with Elliptic Curve Diffie Hellman - ECDH) and for the creation of digital signatures (Elliptic Curve Digital Signature Algorithm - ECDSA) 39. The main advantages of Elliptic Curve methods are: - ANSWER ▪ Much smaller keys. The prime number P is normally only 160 bits, and much smaller than in RSA. This considerably speeds up the encryption process. 40. ▪ Creation of the curves are more difficult than generating prime numbers, which makes it more difficult to crack than RSA. 41. ▪ They can be used to factorize values, such as finding the prime number factors within RSA. 42. Bitcoins use Elliptic Curve cryptography - ANSWER with 32-byte private keys (which is a random number) and 64-byte public keys, on a secp256k1 curve. 43. El Gamal - ANSWER is a public key method that is used in both encryption and digital signing. It is used in many applications and uses discrete logarithms. 44. Cramer-Shoup - ANSWER a public key encryption method that is an extension of El Gamal but adds a one way hashing method which protects against an adaptive chosen ciphertext attack. 45. The Paillier cryptosystem supports - ANSWER homomorphic encryption 46. The 4 basic steps to send a digitally signed message using public key cryptography include: - ANSWER Step 1: [Sender signs] Sender signs message with sender's own private key Step 2: [Sender Encrypts] Sender encrypts message with receiver's public key ---------------MESSAGE SENT-------------------------- Step 3: [Receiver Decrypts] Receiver decrypts message with receiver's own private key Step 4: [Receiver verifies] Receiver verifies message with sender's public key 47. The 5 basic steps to send a confidential, authenticated message that incorporates hashing ensure integrity are - ANSWER Step 1: [Sender signs] Sender produces a hash of the message and encrypts it using sender's private key [this is considered "signing" when hashing is incorporated in the process] Step 2: [Sender Encrypts] Sender packages up [original message + encrypted hash] and encrypts both with the receiver's public key --------------------MESSAGE SENT----------------- Step 3: [Receiver Decrypts] Receiver decrypts packaged up [original message + encrypted hash] with receiver's private key Step 4: [Receiver verifies] Receiver decrypts the encrypted hash with sender's public key Step 5: [Receiver verifies] Receiver computes hash of the original message and compares to the now decrypted original hash to ensure they match. 48. The two main methods for key exchange in symmetric cryptography is to - ANSWER (1) use a key exchange algorithm (such as Diffie-Hellman) (2) encrypt the key with the recipient's public key, pass it to the other side and then allow the recipient use their private key to decrypt it i.e., via public key encryption. 49. An important concept within key exchange is the usage of forward secrecy, which means - ANSWER that a compromise of the long-term keys will not compromise any previous session keys. 50. Diffie-Hellman methods have been used extensively to create a shared secret key but suffers from - ANSWER man-in-the-middle attacks, where an attacker sits in-between and passes the values back and forward and negotiates two keys: one between a sender and the attacker, and the other between the receiver and the attacker. An improved method is to use public key encryption 51. With ephemeral key methods - ANSWER a different key is used for each connection, and, again, the leakage of any long-term key would not cause all the associated session keys to be breached. 52. Diffie-Hellman is a widely used key exchange algorithm - ANSWER used to exchange the secret key in symmetric cryptography. 53. A weakness discovered in Diffie Hellman is that - ANSWER it is fairly easy to precompute values for two popular Diffie-Hellman parameters (and which use the DHE_EXPORT cipher set). 54. DHE_EXPORT Downgrade Attack - ANSWER involves forcing the key negotiation process to default to 512-bit prime numbers. For this the client only offers DHE_EXPORT for the key negotiation, and the server, if it is setup for this, will accept it. The precomputation of 512-bit keys with g values of 2 and 5 (which are common) are within a reasonable time limits. 55. Methods to combat DHE_EXPORT Downgrade attacks on Diffie Hellman include: - ANSWER (1) Disabling Export Cipher Suites (2) Using (Ephemeral) Elliptic-Curve Diffie-Hellman (ECDHE) (3) Use a strong group. 56. Diffie Hellman has three groups (bases): - ANSWER Group 1 Group 3 or Group 5, which vary in the size of the prime number used. 57. The strength of Diffie-Hellman relates to - ANSWER the size of the prime number bases which are used in the key exchange. 58. 4 Basic steps for obtaining a digital certificate signed by a trusted Certificate Authority (CA): - ANSWER ▪ Step 1: Requester generates a key-pair (one public, one private). Public key is provided to the CA. ▪ Step 2: Requester creates and submits a Certificate Signing Request (CSR), along with requester's public key to the CA. ▪ Step 3: CA generates the digital certificate for the requester. ▪ Step 4: CA signs the requester's digital certificate with the CA's own private key, and issues certificate to requester. 59. Common Certificate Types - ANSWER IKE PKCS #7 PKCS #10 RSA signatures X.509v3 60. Common Certificate Applications: - ANSWER Server authentication, Client authentication, Code signing, Email signing, Time stamping, IP security, Windows hardware driver verification, Smart card logon, Document signing, Public key transport 61. Example Use: Passing PKI public keys in a verifiable way. - ANSWER When a digital certificate is created, (whether self-generated/signed or by a trusted well-known Certificate Authority (CA) such as Verisign or Entrust, the certificate will contain the public key of the certificate owner. So, generating and securely sharing a certificate that can be validated by a trusted source is a viable option for public key transport in PKI. 62. Two major encoding schemes for X.509 certificates - ANSWER PEM (Base64 ASCII text) format, and DER (binary) format 63. Common X.509 Certificate file types - ANSWER .cer (used with both PEM and DER formats), others - .crt, .pem, .key (common with PEM formats) and .der (common with DER formats) 64. With end-to-end authentication - ANSWER the user authenticates themselves to the end service 65. with intermediate authentication - ANSWER only part of the conversation between the entities is authenticated 66. The main stages of key/certificate management include: - ANSWER ▪ Initialization. This includes registration, key pair generation, certificate creation and certificate/key distribution, certificate dissemination, and key backup. ▪ Issued. This includes certificate retrieval, certificate validation, key recovery and key update. ▪ Cancellation. This includes certificate expiration, certificate revocation, key history and key archiving. 67. Certificates receive a period of validity designation - ANSWER (timeframe the cert is valid and should be trusted) at creation via a start and end date or expiration date. There are also instances where a certificate needs to moved to an invalid/untrusted state (revoked) prior to the original expiration date. Some reasons warranting having a cert revoked include but are not limited to: - ANSWER ▪ Issuing CA was compromised ▪ The cert itself was compromised ▪ Certificate affiliation has changed ▪ Certificate has been updated or superseded 68. RFC 5280 thus defines "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", and includes two main states for revocation: - ANSWER Revoked. This is where a certificate has been revoked, and cannot be reversed, and often occurs when a certificate is defined as having its private key breached. 69. Hold. In this case the certificate's trust level is on hold and can be reversed at some time in the future. It could relate to a private key being thought to be compromised, but where an investigation has show that it has not been breached. 70. CRL must be published by the CA who originally generated the targeted certificates - ANSWER is only valid for a given amount of time (which is typically less than 24 hours). 71. CRLs are signed by the CA - ANSWER in order that they can be validated, and thus signed by the private key of the CA, and then checked against its public key (which is stored in a root certificate folder or preinstalled within a Web browser) 72. An alterative to CRL is to use - ANSWER Online Certificate Status Protocol (OCSP), an online service used to check the validity of a certificate. 73. Chaskey Key Size - ANSWER 128 74. Skipjack is a symmetric block cipher that uses a - ANSWER 80 bit key 75. Enocoro operates with a key size of ______ bits and an initialization vector (IV) of _____ bits. - ANSWER 128-bit key size; 64-bit IV 76. Skipjack has a block size of _____bits. - ANSWER 64 77. PHOTON, SPONGENT, Lesamnta-LW, and Quark are examples of light weight _____. - ANSWER Light-weight hashing algorithms 78. _____ has a block size of 64 bits, key size of 128 bits, and &gt;17 rounds of substitution & transposition. - ANSWER IDEA 79. _______ is a partially homomorphic crypto system that leverages prime number characteristics, operates with a bit variable key size, and 1 round. - ANSWER RSA 80. Blowfish and Twofish are both _____ ciphers with common key sizes of 128, 192, or 256 bits. - ANSWER Symmetric Block 81. _____ is a symmetric block cipher that uses block sizes of 32, 64, or 128 bits and boasts a variable key size up to 2048 bits. - ANSWER RC5 82. Quark produces a hash value of _____bits. - ANSWER 64 or 112 83. The block size used with XTEA is _____ bits. - ANSWER 64 84. The key size used with XTEA is _____ bits. - ANSWER 128 85. Camelia is a _____. - ANSWER Symmetric key exchange algorithm 86. RC6 can best be described as a _____. - ANSWER Symmetric Block Cipher