看到最新Introduction-to-Cryptography題庫資訊意味著你已經通過了WGU Introduction to Cryptography HNO1的一半KaoGuTi可以為你提供捷徑,給你節約好多時間和精力換。KaoGuTi會為你的WGU Introduction-to-Cryptography認證考試提供很好的培訓工具,有效的幫助你通過WGU Introduction-to-Cryptography認證考試。如果你在其他網站也看到了可以提供相關資料,你可以繼續往下看,你會發現其實資料主要來源於KaoGuTi,而且KaoGuTi提供的資料最全面,而且更新得最快。 最新的 Courses and Certificates Introduction-to-Cryptography 免費考試真題 (Q46-Q51):問題 #46
(What describes how Counter (CTR) mode encryption functions?)
A. Uses a self-synchronizing stream cipher where the IV is encrypted and XORed with the data stream one bit at a time
B. Converts the block cipher into a stream cipher, then uses a counter value and a nonce to encrypt the data
C. Encrypts each block with the same key, where each block is independent of the others
D. Uses an IV to encrypt the first block, then uses the result of the encryption to encrypt the next block
答案:B
解題說明:
CTR mode turns a block cipher (like AES) into a stream-like construction by generating a keystream from successive encryptions of a changing input block. Specifically, CTR forms input blocks using a nonce (unique per message) combined with an increasing counter. Each nonce||counter block is encrypted with the block cipher under the shared key, producing a pseudorandom output block. That output is then XORed with plaintext to yield ciphertext (and XORed with ciphertext to recover plaintext). This design enables parallelization (blocks can be generated independently), efficient random access decryption, and avoids chaining dependencies seen in modes like CBC. Option B describes CFB-like behavior; option C describes ECB; option D describes CBC. CTR's security critically depends on never reusing the same nonce/counter sequence with the same key, because reuse would repeat keystream blocks and expose plaintext relationships. Therefore, the correct description is that CTR converts the block cipher into a stream cipher using a counter value and a nonce.
問題 #47
(Which authentication method allows a web service installed on a network operating system to prove its identity to a customer?)
A. End-to-end authentication
B. One-way server authentication
C. One-way client authentication
D. Mutual authentication
答案:B
解題說明:
One-way server authentication is the standard model used by most TLS-enabled web services to prove the server's identity to a client. In this model, the server presents an X.509 certificate during the TLS handshake. The client validates the certificate chain to a trusted root CA, checks hostname binding (CN
/SAN), validates validity dates, and may check revocation status. If validation succeeds, the client gains cryptographic assurance that it is communicating with the holder of the private key corresponding to the server certificate's public key, and that the certificate is issued to the expected domain/identity. This proves the server's identity to the customer without requiring the customer to present a certificate.
Mutual authentication would require both client and server to authenticate each other using certificates (commonly in certain enterprise APIs), but the question asks specifically about the web service proving its identity to the customer, which is satisfied by server-only authentication. One-way client authentication is the opposite direction (client proves identity to server). "End-to-end authentication" is a broader concept and not the specific TLS identity proof mechanism described here. Thus, one-way server authentication is the correct choice.
問題 #48
(What is the length of the Initialization Vector (IV) in WEP?)
A. 40 bits
B. 48 bits
C. 24 bits
D. 56 bits
答案:C
解題說明:
WEP (Wired Equivalent Privacy) uses the RC4 stream cipher and combines a per-packet Initialization Vector (IV) with a shared secret key to form the RC4 seed for that packet's keystream. The IV in WEP is 24 bits long and is transmitted in the clear as part of the 802.11 frame so the receiver can reconstruct the same per-packet RC4 key stream. The short IV space (2²# possible values) is a major design weakness: on a busy network, IVs repeat frequently, causing keystream reuse. Because RC4 is a stream cipher, keystream reuse enables attackers to derive relationships between plaintexts and recover keys with statistical attacks (notably the Fluhrer, Mantin, and Shamir (FMS) family of attacks and related improvements). WEP also uses a CRC-32 integrity check (ICV) that is not cryptographically strong and is vulnerable to modification attacks. The 24-bit IV length is therefore a key reason WEP is considered insecure and has been replaced by WPA/WPA2 mechanisms that use stronger key mixing, larger nonces/IVs, and robust integrity protection.
問題 #49
(What are the roles of keys when using digital signatures?)
A. A private key is used for both signing and signature validation.
B. A public key is used for both signing and signature validation.
C. A private key is used for signing, and a public key is used for signature validation.
D. A public key is used for signing, and a private key is used for signature validation.
答案:C
問題 #50
(What is the RC4 encryption key size when utilizing WPA with Temporal Key Integrity Protocol (TKIP)?)
A. 40 bits
B. 128 bits
C. 56 bits
D. 256 bits
答案:B
解題說明:
WPA with TKIP was designed as an interim improvement over WEP while still using the RC4 stream cipher for compatibility with legacy hardware. TKIP addresses WEP's major weaknesses by introducing per-packet key mixing, a message integrity mechanism ("Michael"), and replay protection.
In TKIP, the encryption key used with RC4 is 128 bits. Practically, TKIP derives a per-packet RC4 key from a 128-bit temporal key (TK), the transmitter's MAC address, and a sequence counter (TKIP Sequence Counter, TSC) to avoid the simple IV reuse patterns that made WEP easy to break. Even with these improvements, TKIP has known weaknesses and is deprecated in favor of WPA2/WPA3 using AES-based CCMP/GCMP. But strictly for the question asked, TKIP's RC4 keying material is based on a 128-bit key size, not 40/56-bit legacy sizes and not 256-bit.