Operations Security (OPSEC) and Penetration Testing
Questions and answers 2025/2026
Symmetric Cryptography - correct answer Encryption that uses a single key to encrypt
and decrypt a message.
Block Cipher - correct answer Takes a predetermined number of bits, known as a
block, in the plaintext message and encrypts that block
Stream Cipher - correct answer Encrypts each bit in the plaintext message, 1 bit at a
time
Symmetric Key Algorithms - correct answer DES, 3DES, and AES
Symmetric Key Algorithms: DES - correct answer A block cipher based on symmetric
key cryptography that uses a 56-bit key. Not that secure anymore.
Symmetric Key Algorithms: AES - correct answer Uses three different ciphers: one with
a 128-bit key, one with a 192-bit key, and one with a 256-bit key, all having a block
length of 128 bits
Asymmetric Cryptography - correct answer Utilizes two keys: a public key and a
private key. The public key is used to encrypt data sent from the sender to the receiver
and is shared with everyone. Private keys are used to decrypt data that arrives at the
receiving end and are very carefully guarded by the receiver.
Asymmetric Key Algorithms - correct answer 1. Secure Sockets Layer (RSA) by Ron
Rivest, Adi Shamir, and Leonard Adleman
2. Elliptic Curve Cryptography (ECC) - can secure all browser connections to the Web
servers
3. ElGamal
4. Diffie-Hellman
5. DSS
6. Pretty Good Privacy (PGP)
7. Transport Layer Security (TLS)
8. Voice over IP (VoIP)
Hash Function - correct answer Creates a largely unique and fixed-length hash value
based on the original message.
Hashes provide integrity, but not confidentiality. A hashed message can't be un-hashed.
Hashes are very useful when distributing files or sending communications, as the hash
can be sent with the message so that the receiver can verify its integrity
Digital Signatures - correct answer Ensure that the message was legitimately sent by
the expected party, and to prevent the sender from denying that he or she sent the
message, known as nonrepudiation
Certificates - correct answer Link a public key to a particular individual and are often
used as a form of electronic identification for that particular person.
Protecting Data at Rest - correct answer An area in which security is often lax and is a
particularly bad area in which we choose not to emphasize security.
Data is at rest when it is on a storage device.
Protecting Data In Motion - correct answer Over a closed WAN or LAN, over a wireless
network, over the Internet, or in other ways
SSL and TLS are often used to protect information sent over networks and over the
Internet
Data is in motion when it is actively being transported over a network.
Protecting Data In Use - correct answer Hardest to protect. Data is in use when a user
is accessing the data.
Cipher - correct answer An algorithm used for cryptographic purposes.
Cryptanalysis - correct answer The science of breaking through encryption
Federal Information Security Management Act or Federal Information Security
Modernization Act (FISMA) - correct answer Ensures the protection of information,
operations, and assets in the federal government.
Requires each federal agency to develop, document, and implement an information
security program to protect its information and information systems. Annual reviews of
these programs are required to maintain compliance and keep security risks to an
acceptable level.