Free and Premium WGU Introduction-to-Cryptography Dumps Questions Answers

For Bitcoin, transactions are confirmed by inclusion in blocks, and the network targets an average block interval of about 10 minutes. That means transactions are “added” to the Bitcoin blockchain approximately every 10 minutes in the sense that a new block containing a batch of transactions is appended at that cadence. The 10-minute target is achieved by a difficulty adjustment mechanism that recalibrates mining difficulty roughly every 2016 blocks, aiming to keep the average interval stable despite changes in total network hash power. It is important to note that this is an average: blocks can be found faster or slower in the short term due to the probabilistic nature of proof-of-work mining. Other blockchains have different block times (seconds to minutes), but the question’s options and typical curriculum context align with Bitcoin’s 10-minute design. Therefore, the correct choice is approximately every 10 minutes.

In the TLS handshake, the ClientHello message is the client’s opening negotiation message and includes the client’s supported cryptographic capabilities. A key part of ClientHello is the offered cipher suites list, which advertises combinations of key exchange, authentication, encryption, and integrity/AEAD algorithms the client is willing to use. The server responds with ServerHello, selecting one of the offered cipher suites (in TLS 1.2 and earlier) and confirming protocol parameters. Forward secrecy is a property achieved by using ephemeral key exchange (e.g., (EC)DHE), not a specific message that “sends a list.” “Integrity check” is a security goal/mechanism, not the negotiation step. While TLS 1.3 changes the structure of negotiation (cipher suite list still appears in ClientHello but only covers AEAD and hash; key exchange is negotiated via extensions), the fundamental idea remains: the client proposes supported cipher suites in ClientHello, and the server picks compatible parameters. Therefore, the process that sends the list of supported cipher suites is the ClientHello.

The NOBUS (Nobody But Us) principle is a controversial security notion suggesting that it is possible to introduce or maintain an access capability (often framed as a “backdoor” or exploitable weakness) that is effectively usable only by the party that designed it—typically a government or specific organization—while remaining infeasible for everyone else to exploit. In practice, NOBUS is invoked in debates about lawful access, surveillance, and exceptional access mechanisms: proponents claim that sophisticated entities can keep exploitation techniques secret and complex enough that adversaries cannot replicate them. Critics argue that this assumption is fragile because vulnerabilities can be independently discovered, reverse engineered, leaked, or eventually exploited as tools and knowledge spread. Moreover, once a weakness exists, it becomes a systemic risk: software and cryptographic systems are widely deployed and adversaries can invest heavily in finding and weaponizing the same flaw. Modern security engineering generally favors eliminating known weaknesses rather than relying on secrecy or assumed asymmetry of capability. Therefore, the best description of NOBUS is that a vulnerability is believed to be so difficult to exploit that only its creator can exploit it.

The expression 23 mod 6 asks for the remainder when 23 is divided by 6. Modular arithmetic is foundational in cryptography, especially in public-key systems (RSA, Diffie–Hellman, ECC) where operations occur in finite rings or fields. To compute 23 mod 6, identify the largest multiple of 6 that does not exceed 23. Multiples of 6 are 6, 12, 18, 24. Since 24 is greater than 23, the largest valid multiple is 18. Subtract: 23 − 18 = 5, so the remainder is 5. Therefore, 23 mod 6 = 5, which corresponds to option “05.” Modular reduction keeps numbers within a fixed range (0 to modulus−1), enabling stable arithmetic under wraparound behavior. In cryptographic protocols, this wraparound property is essential for defining groups and ensuring operations remain bounded and consistent.

Bit-flipping exploits target encryption modes or protocols that do not provide strong integrity, allowing attackers to modify ciphertext so that predictable changes occur in plaintext after decryption. To defend against this, protocols add an integrity mechanism that detects tampering. In WPA (including enterprise deployments), TKIP introduced a Message Integrity Check (MIC) called “Michael.” The MIC is computed over the frame contents (with additional fields) and verified by the receiver; if an attacker flips bits in transit, the MIC verification fails, and the frame is rejected. While AES (used by WPA2’s CCMP) also provides integrity via authenticated encryption, the option presented that directly names the tamper-detection mechanism associated with guarding against bit-flipping is MIC. A pre-shared key is an authentication/keying method (and not enterprise-mode anyway), and a “global encryption key” would be the opposite of what you want—global/static keys worsen security. Therefore, the intended mechanism that mitigates bit-flipping by detecting unauthorized modifications is the Message Integrity Check.

Digital signatures provide integrity, authenticity, and typically non-repudiation by using an asymmetric key pair. The signer uses the private key to create a signature over a message (usually over a hash/digest of the message). Because the private key is kept secret, only the legitimate signer should be able to produce a valid signature. Anyone who has the corresponding public key can then validate the signature: they verify that the signature matches the message digest under the public key and that the signed data has not been altered. This is why the public key can be widely distributed (often inside an X.509 certificate) while the private key must be protected by the signer. If a public key were used to sign, anyone could forge signatures; if a private key were required for validation, only the signer could validate, defeating the purpose of public verifiability. Therefore, the correct key roles are private key for signing and public key for signature validation.

3DES (Triple DES) applies the DES block cipher three times to increase effective security, and its commonly cited valid key sizes correspond to how many independent DES keys are used. Two-key 3DES uses two 56-bit DES keys (K1 and K2) in an EDE sequence (Encrypt with K1, Decrypt with K2, Encrypt with K1), yielding 112 bits of keying material (ignoring parity bits). Three-key 3DES uses three independent 56-bit keys for a total of 168 bits of keying material, but that option is not listed here. A 56-bit key corresponds to single DES, not 3DES. 128-bit is associated with AES, not 3DES. 2,048-bit is typical for RSA keys, not symmetric ciphers. Therefore, among the choices provided, 112-bit is a valid 3DES key size. While 3DES is now deprecated for many uses due to its 64-bit block size and performance limitations, understanding its keying options remains important for legacy system assessment.

Frequency analysis is a classical cryptanalysis technique that exploits predictable statistical patterns in natural language. In English, certain letters (like E, T, A, O, I, N) occur more frequently than others, and common digrams/trigrams (TH, HE, IN, ER) appear with recognizable distribution. When a cipher preserves character boundaries (as in many substitution ciphers), the ciphertext will also show frequency patterns—though mapped to different symbols. The analyst counts ciphertext character occurrences, compares the distribution to expected English letter frequencies, and infers likely plaintext mappings. “Spotting variations” refers to observing differences in how often symbols appear and using that to plot relationships between ciphertext and standard English. Brute force instead tries all keys; known-plaintext attacks rely on having plaintext–ciphertext pairs; chosen-ciphertext attacks involve decrypting attacker-selected ciphertexts. Those are different attack models. Frequency analysis is specifically about statistical correlation between ciphertext symbols and language characteristics, which is why it is effective against monoalphabetic substitution and weak polyalphabetic schemes with short periods.

A digital signature is a cryptographic mechanism that enables a recipient to verify who created a message (authenticity) and that the message has not been altered (integrity). It is typically built using asymmetric cryptography: the signer uses a private key to sign a hash (digest) of the message, producing a signature. Anyone with the signer’s public key can verify that the signature matches the message digest, confirming the signature was created by the corresponding private key and that the content remains unchanged. Digital signatures do not primarily provide confidentiality; the signed message may still be readable unless separately encrypted. They also support nonrepudiation in many operational contexts because a valid signature can be strong evidence that the private key holder authorized the signed data, assuming key protection and policy controls. Common digital signature algorithms include RSA-PSS, ECDSA, and EdDSA. Certificates (X.509) are often used to bind public keys to identities, allowing verifiers to trust the claimed signer. Therefore, the best definition is a technique to verify authenticity and integrity.

OCSP is the primary online alternative to CRLs for checking whether a certificate has been revoked. With a CRL, a relying party periodically downloads a list of revoked certificate serial numbers published by the issuing CA (or CRL distribution point). That approach can be bandwidth-heavy, introduces latency between revocation and client awareness, and can result in clients using stale revocation data if updates are infrequent. OCSP improves this by allowing a client (or a server on the client’s behalf) to query an OCSP responder in near real time about the status of a specific certificate (good, revoked, or unknown). In practice, many TLS deployments use OCSP stapling, where the server periodically fetches a signed OCSP response from the CA’s responder and “staples” it to the TLS handshake, reducing client-side network calls and improving privacy (the CA doesn’t learn which site the client is visiting). Thus, OCSP provides a more timely, certificate-specific revocation status mechanism than CRLs while preserving the CA’s signed assurance.

An IV (Initialization Vector) is a value used to ensure that encrypting identical plaintext under the same key produces different ciphertexts, preventing pattern leakage. In many secure designs, the IV must be unique (and often unpredictable) per encryption operation. A common way to ensure uniqueness is to incorporate a nonce—a “number used once.” A nonce can be random, pseudo-random, or a counter-based value depending on the mode and security requirements. For example, CTR mode uses a nonce combined with a counter to produce unique input blocks; GCM uses a nonce/IV to ensure unique authentication and encryption behavior. The encryption key should remain stable across many operations and should not be used as the “randomizer” for IV generation; mixing key material into IV creation in an ad hoc way can create reuse or correlation issues. Plaintext and algorithm do not provide the needed uniqueness property. The nonce concept is specifically about ensuring one-time uniqueness of the starting value so that IV reuse does not repeat keystream blocks (stream modes) or reveal plaintext equality (CBC/CTR). Therefore, the correct choice is Nonce.

A polyalphabetic substitution cipher uses multiple substitution alphabets rather than a single fixed mapping. The classic cipher that uses a keyword to select shifting alphabets across the message is the Vigenère cipher. In Vigenère, each plaintext letter is shifted by an amount determined by the corresponding key letter (repeating the keyword as needed). For example, a keyword like “YELLOW” is aligned under the plaintext; each key character defines a Caesar shift (A=0, B=1, …) applied to the plaintext character, producing ciphertext. This rotation of alphabets across positions makes Vigenère more resistant to simple frequency analysis than monoalphabetic substitution, because the same plaintext letter may encrypt to different ciphertext letters depending on its position relative to the key. The Pigpen cipher is a symbol substitution cipher, Caesar is monoalphabetic with a single shift, and Playfair is a digraph substitution cipher using a 5×5 key square, not the repeating-key polyalphabetic method described. Therefore, the correct cipher is Vigenère.

CTR mode turns a block cipher (like AES) into a stream-like construction by generating a keystream from successive encryptions of a changing input block. Specifically, CTR forms input blocks using a nonce (unique per message) combined with an increasing counter. Each nonce||counter block is encrypted with the block cipher under the shared key, producing a pseudorandom output block. That output is then XORed with plaintext to yield ciphertext (and XORed with ciphertext to recover plaintext). This design enables parallelization (blocks can be generated independently), efficient random access decryption, and avoids chaining dependencies seen in modes like CBC. Option B describes CFB-like behavior; option C describes ECB; option D describes CBC. CTR’s security critically depends on never reusing the same nonce/counter sequence with the same key, because reuse would repeat keystream blocks and expose plaintext relationships. Therefore, the correct description is that CTR converts the block cipher into a stream cipher using a counter value and a nonce.

Digital signing of software typically works by hashing the application (or its manifest) and then using the publisher’s private key to create a digital signature over that digest. The private key is used because it is secret and uniquely controlled by the publisher; only the publisher should be able to produce a valid signature. Verifiers (customers) use the publisher’s public key to validate the signature and confirm that the digest matches the software they received. This yields two key properties: integrity (the software hasn’t been altered; any modification changes the digest and breaks verification) and authenticity (the signature proves it came from the private-key holder). Option A incorrectly describes symmetric stream encryption. Option C incorrectly generalizes private-key behavior as “block encryption.” Option D is wrong because verification uses the public key, not a private key; also, “encrypting with private key” in this context is better understood as signing, not confidentiality encryption. Therefore, the correct rationale is that the asymmetric private key is used to sign the file’s digest so the corresponding public key can verify integrity and authenticity.

SHA-1 (Secure Hash Algorithm 1) produces a fixed-size output of 160 bits (20 bytes). Hash output size matters in cryptography because it influences collision resistance and the effort required for various attacks. For an ideal n-bit hash, finding a collision by generic means is expected around 2^(n/2) operations (birthday bound). With SHA-1’s 160-bit output, that generic bound would be about 2^80, which was once considered strong; however, SHA-1 has been broken in practice with significantly less work due to cryptanalytic advances, and it is now deprecated for most security uses. Still, the question is strictly about output length, not current suitability. The other options do not match SHA-1: 40 bits would be far too small for a modern hash, 80 bits is not SHA-1’s output, and 320 bits would imply a much larger digest (closer to SHA-256’s 256 bits or SHA-384’s 384 bits). Therefore, the correct SHA-1 output length is 160 bits.

Code-signing is used to provide verifiable assurance that software comes from a known publisher and has not been modified since it was signed. In a typical code-signing workflow, the publisher computes a cryptographic hash (digest) of the executable or package and then creates a digital signature over that digest using the publisher’s private key. Operating systems, browsers, and application platforms verify the signature using the corresponding public key (usually delivered via a code-signing certificate chained to a trusted root). If verification succeeds, the system can trust that the code’s contents match what the publisher signed (integrity) and that the signer identity is authenticated by the certificate chain (authenticity). This helps defend against tampering, malware injection, and supply-chain attacks where attackers alter binaries or updates in transit or at rest. Code-signing does not primarily generate randomness, compress data, or authenticate users; it authenticates the software publisher and validates the software artifact. Modern ecosystems also use timestamping and revocation checking to handle certificate expiration and compromised signing keys, reinforcing trust over time.

HIPAA is a U.S. regulation focused on protecting the privacy and security of protected health information (PHI). In relation to encryption, HIPAA’s Security Rule requires covered entities and business associates to implement appropriate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and availability of electronic PHI. Encryption is widely recognized as a key technical safeguard for confidentiality—protecting PHI in transit (e.g., over networks) and at rest (e.g., on storage devices) by making data unreadable without the proper keys. HIPAA does not standardize encryption across all industries, nor does it prohibit electronic health records; it regulates how they must be protected. While HIPAA often uses the term “addressable” for encryption controls (meaning organizations must implement it if reasonable and appropriate, or document an equivalent alternative), the overarching purpose remains protection of patient information through secure measures, with encryption as a central mechanism. Therefore, the best answer is ensuring confidentiality of patient information through secure measures like encryption.

Large prime numbers are crucial because they enable cryptosystems where certain operations are easy to perform, but reversing them is computationally hard without secret information. In RSA, security is based on the difficulty of factoring a large composite number that is the product of two large primes; multiplying primes is easy, but factoring the product is believed to be hard at sufficient sizes. In Diffie–Hellman and related systems, primes define finite groups (often modulo a large prime) where exponentiation is efficient but the discrete logarithm problem is hard. Primes also help ensure desirable group properties—such as having a large cyclic subgroup—reducing vulnerabilities from small subgroups or weak structure. The value of “large” is that it makes brute-force and known algorithmic attacks infeasible with current computing resources. Large primes do not primarily make encryption faster, nor do they make decryption easier; they are chosen to maximize security margins. While primes can be involved in encoding steps, their importance is security: they form the mathematical foundation for hardness assumptions used by major public-key algorithms. Therefore, the best answer is that they provide security in encryption algorithms.

Lightweight cryptography is designed for constrained environments—devices with limited CPU, memory, storage, bandwidth, and power (battery). Examples include IoT sensors, smart locks, RFID tags, embedded controllers, and industrial devices. Administrators choose lightweight algorithms and protocols to maintain reasonable security while fitting strict resource budgets and real-time constraints. The goal is not “weaker security because data is unimportant,” but rather efficient security that can still meet threat models under constraints. Option B captures this: embedded systems often cannot afford the computational cost of heavy cryptographic primitives (large key sizes, complex modes, frequent handshakes) or may struggle with latency and energy consumption. Option A is irrelevant because physical security of a desktop doesn’t remove the need for cryptography in communications or storage. Option C is the opposite of lightweight design. Option D is a poor justification; security design should be based on risk, and lightweight cryptography is not merely for “minimal protection,” but for practical deployability under constraints. Therefore, the correct reason is limited resources on embedded systems.

HMAC (Hash-based Message Authentication Code) is a standard mechanism used to verify both integrity and authenticity of a message when two parties share a secret key. It combines a cryptographic hash function (such as SHA-256) with a secret key in a structured way that resists common attacks on naïve keyed-hash constructions. The sender computes an HMAC tag over the message and transmits the message plus tag. The receiver recomputes the HMAC using the same shared secret key and compares the result; if the tag matches, the receiver can be confident the message was not modified in transit and that it came from someone who knows the shared key. AES is an encryption algorithm primarily providing confidentiality; it can provide integrity only when used in authenticated modes (e.g., GCM) but “AES” alone is not the integrity component. An IV helps randomize encryption but does not validate integrity. TKIP is a legacy WLAN protocol component, not the general integrity verifier. Therefore, the correct component for verifying message integrity among the options is HMAC.

A salt is a unique, random value stored alongside a password hash and combined with the password during hashing. Its main security benefit is that it ensures identical passwords do not produce identical hashes across different accounts or systems. If two users choose the same password, their stored hashes will differ because their salts differ, which directly prevents attackers from spotting shared passwords by comparing hashes. Salts also defeat precomputation attacks such as rainbow tables, because an attacker would need to regenerate tables for each possible salt value—a task that becomes infeasible when salts are large and unique per password. Salt does not enforce password complexity rules (that’s a policy/validation function), does not guarantee users choose different passwords, and does not prevent password reuse across sites. The correct statement is that salt makes the resulting hash different even for the same password, improving resistance to offline cracking at scale and eliminating the “same hash = same password” shortcut attackers rely on.

OTP systems (such as HOTP and TOTP) generate a sequence of passwords using a shared secret and a moving factor (counter or time). The critical secret that underpins the ability to compute past or future OTP values is the seed (also called the shared secret key). In HOTP, the seed is used with an HMAC function and an incrementing counter; in TOTP, the seed is used with HMAC and a time-step value. If an attacker obtains the seed and knows the algorithm and moving factor, they can compute future OTPs. The “function” and “encryption algorithm” are typically standardized and public; security relies on keeping the seed secret. An initialization vector is not a standard OTP component in HOTP/TOTP generation. Therefore, the component needed to predict future OTP values is the seed. Protecting the seed is essential: it should be stored securely (e.g., hardware token secure storage) and transmitted only through controlled provisioning processes. If compromised, OTP becomes predictable and no longer serves as a strong second factor.

Large-scale quantum computers threaten many widely deployed public-key algorithms because quantum algorithms can solve their underlying hard math problems efficiently. In particular, Shor’s algorithm can factor large integers and compute discrete logarithms in polynomial time, which directly breaks the security assumptions of RSA (factoring) and traditional Diffie–Hellman/ECC (discrete log). That makes RSA the clearest target among the options. By comparison, symmetric algorithms like AES are affected mainly by Grover’s algorithm, which provides a quadratic speedup for brute force; this can be mitigated by using larger keys (e.g., AES-256). Hash functions like SHA-256 also face Grover-style speedups for preimage search, again mitigated by output length/security margin, and collision resistance is impacted differently. ECB is a mode of operation, not a standalone algorithm, and its issues are classical (pattern leakage), not specifically quantum. Therefore, the algorithm most directly threatened by quantum computing among the choices is RSA.

The Enigma machine is historically known as an electro-mechanical cipher device used primarily by Nazi Germany to secure military and diplomatic communications during World War II. It implemented a polyalphabetic substitution through a system of rotors, a reflector, and a plugboard, producing a large number of possible daily key settings. Operators would configure rotor order, ring settings, initial positions, and plugboard swaps, then type messages to generate ciphertext. Enigma’s operational security depended heavily on correct procedures and secrecy of keys; weaknesses in procedures and design properties, combined with brilliant cryptanalysis and engineering efforts by Allied codebreakers (notably at Bletchley Park), enabled large-scale decryption of Enigma-encrypted traffic. In cryptography history, Enigma represents the transition from manual ciphers to machine-assisted encryption and demonstrates how both mathematics and operational practices determine real-world security. It is not simply an “algorithm” in the modern software sense, and it is not a decryption method or email encryption tool. Therefore, the correct description is that it was a device used for secure communication during WWII.

A brute-force attack exhaustively tries every possible key or password candidate until the correct one is found. Because it explores the full search space (or a very large portion of it), brute force is often the slowest method, especially when strong keys, long passwords, rate limits, and slow password hashing (bcrypt/Argon2) are used. By contrast, a dictionary attack reduces work by trying only common or likely passwords, often succeeding quickly against weak human-chosen secrets. Rainbow table attacks shift work into precomputation; once a table exists, lookup can be faster than brute-force—though salt and modern hashing defeat them. Birthday attacks are about finding collisions, not necessarily recovering a specific secret, and their expected work is about 2^(n/2) for an n-bit hash, which can be less than brute-force key search in many contexts. Therefore, among the listed options, brute-force generally takes the longest to succeed because it makes the fewest assumptions and does the most total work.

In AES, the number of rounds is explicitly tied to the key length. AES-128 uses 10 rounds, AES-192 uses 12 rounds, and AES-256 uses 14 rounds. The purpose of additional rounds is to increase diffusion and confusion, strengthening resistance against cryptanalysis as the key schedule and state transformations iterate more times. Although key length primarily affects brute-force resistance, AES’s designers and standardization parameters link longer keys with more rounds to maintain security margins across variants, especially considering differences in the key schedule structure. Thus, as key length increases from 128 to 192 to 256 bits, the number of rounds increases correspondingly from 10 to 12 to 14. This relationship is fixed by the AES specification and does not vary dynamically at runtime. Therefore, the correct correlation is that the number of rounds increases as the key length increases.

One-way client authentication is the method where the client (customer) proves its identity to the server (web service). In cryptographic terms, this is commonly implemented through client credentials such as client TLS certificates (mTLS from the server’s perspective) or through authentication protocols layered over TLS (for example, signed tokens), but the defining direction is that the client is the party being authenticated. In a strict TLS certificate-authentication framing, client authentication occurs when the server requests a client certificate during the handshake and the client demonstrates possession of the corresponding private key (via signature in handshake messages). The server then validates the client certificate chain and authorization policy. One-way server authentication, by contrast, authenticates only the server to the client and does not identify the customer. Mutual authentication authenticates both sides simultaneously; while it includes client authentication, it is broader than what the question asks. “End-to-end authentication” describes assurance between endpoints across intermediaries, but it is not the specific “customer authenticates to service” method in certificate-based terminology. Therefore, the best answer is one-way client authentication.