Most Recent WGU Introduction-to-Cryptography Exam Dumps

NIST's lightweight cryptography effort targets environments like IoT and embedded systems where CPU, memory, energy, and bandwidth are constrained, yet strong security is still required. Ascon is an authenticated encryption with associated data (AEAD) family designed to be efficient in both hardware and software with small footprint, making it well-suited for constrained devices. NIST selected Ascon because it offers a strong security design with good performance and implementability under tight resource budgets, while providing modern protections (confidentiality + integrity) through AEAD. That aligns with option C: secure and efficient encryption for resource-constrained devices. The selection was not primarily about authenticating users (that is typically handled by protocols and identity systems, not an AEAD primitive). It was also not mainly about legacy compatibility; lightweight cryptography aims at new and constrained deployments rather than preserving outdated stacks. And while Ascon can certainly be used to protect data at rest, that is only one application; the core reason for the choice is its suitability for constrained environments and robust, efficient authenticated encryption.

ECB is the simplest block cipher mode: each plaintext block is encrypted independently using the same key and the block cipher primitive. There is no IV and no chaining, so identical plaintext blocks produce identical ciphertext blocks. This property leaks patterns and structure in the plaintext, which is why ECB is generally considered insecure for most real-world data beyond tiny, random-looking inputs. For example, images encrypted with ECB often reveal outlines because repeated pixel blocks map to repeated ciphertext blocks. Option A describes CTR mode, option C describes CBC mode, and option B resembles feedback-based modes. ECB's independence also means it can be parallelized, but the pattern leakage is a severe weakness. Modern practice prefers authenticated encryption modes (like GCM) or, at minimum, modes with IVs and chaining (like CBC with proper padding and MAC). Therefore, the correct statement is that ECB encrypts each block with the same key and each block is independent of the others.

Large prime numbers are crucial because they enable cryptosystems where certain operations are easy to perform, but reversing them is computationally hard without secret information. In RSA, security is based on the difficulty of factoring a large composite number that is the product of two large primes; multiplying primes is easy, but factoring the product is believed to be hard at sufficient sizes. In Diffie--Hellman and related systems, primes define finite groups (often modulo a large prime) where exponentiation is efficient but the discrete logarithm problem is hard. Primes also help ensure desirable group properties---such as having a large cyclic subgroup---reducing vulnerabilities from small subgroups or weak structure. The value of ''large'' is that it makes brute-force and known algorithmic attacks infeasible with current computing resources. Large primes do not primarily make encryption faster, nor do they make decryption easier; they are chosen to maximize security margins. While primes can be involved in encoding steps, their importance is security: they form the mathematical foundation for hardness assumptions used by major public-key algorithms. Therefore, the best answer is that they provide security in encryption algorithms.

Auditing improves cryptographic practice by systematically evaluating whether cryptographic controls are correctly selected, implemented, configured, and maintained. Through audits, an organization can discover weak algorithms (e.g., deprecated hashes), improper key lengths, unsafe modes (e.g., unauthenticated CBC), missing integrity controls, poor certificate validation, and operational problems such as key reuse, weak randomness sources, inadequate rotation, or overly permissive access to key material. Audits also assess compliance with internal policy and external standards, ensuring crypto is used consistently across systems and that exceptions are documented and risk-managed. Importantly, auditing does not guarantee that incidents will never happen; it reduces risk by finding gaps before attackers do. It also does not eliminate the need for updates---audits often reveal that policies must evolve as threats and best practices change. Employee training can be recommended as an outcome of auditing, but audits do not automatically ensure training. Thus, the most accurate benefit is that auditing identifies weaknesses and drives corrective action, strengthening cryptographic posture over time.

Lightweight cryptography is important because many modern systems operate in constrained environments---IoT sensors, embedded controllers, wearables, and mobile devices---where CPU, memory, storage, bandwidth, and battery power are limited. Traditional ''heavy'' cryptographic suites may be too slow, too energy-intensive, or too large in code footprint for these platforms, leading to insecure workarounds or disabling security entirely. Lightweight cryptographic primitives and profiles are designed to deliver strong security properties (confidentiality and integrity, often via AEAD) while fitting within tight resource budgets and real-time constraints. This is essential as IoT and mobile ecosystems expand, increasing the attack surface and the consequences of compromised devices (botnets, surveillance, physical safety risks). Lightweight cryptography is not meant to ''limit encryption tools'' or complicate protection; it enables practical, deployable security where otherwise implementations might be weak or absent. High-speed network communication can benefit from efficient crypto too, but the defining modern driver is constrained-device security. Therefore, the correct reason is addressing the security needs of IoT devices and mobile applications.