D334 Round 2


Last updated 4:10 PM on 6/11/26

54 Terms

1

A block cipher mode uses an IV so that:

A. The key changes every encryption
B. The same plaintext can produce different ciphertexts
C. The plaintext becomes shorter
D. The encryption becomes asymmetric

Correct!

Why?

An Initialization Vector (IV) is used so that:

The same plaintext encrypted with the same key can produce different ciphertexts.

Without an IV:

HELLO + Key123 = ABC123
HELLO + Key123 = ABC123

With different IVs:

HELLO + Key123 + IV1 = XYZ789
HELLO + Key123 + IV2 = MNO456

This prevents:


  • Pattern leakage


  • ECB-style weaknesses


  • Copy-and-paste attacks

2

Which block cipher mode uses a counter value that is encrypted and then XOR'd with the plaintext, allowing encryption and decryption operations to be performed in parallel?

A. CBC
B. CFB
C. CTR
D. OFB

Correct!

Why?

The key phrase is:

"counter value that is encrypted and then XOR'd with the plaintext"

That's the textbook definition of CTR (Counter Mode).

How CTR Works

Counter1 → Encrypt → E1
E1 XOR P1 = C1

Counter2 → Encrypt → E2
E2 XOR P2 = C2

Counter3 → Encrypt → E3
E3 XOR P3 = C3

Notice:


  • The plaintext blocks don't depend on each other.


  • The ciphertext blocks don't depend on each other.


  • Each counter value is independent.


OA Memory Hook

CTR = Counter → Encrypt → XOR

If you see:


  • Counter


  • Nonce + Counter


  • Parallel encryption/decryption


  • Stream cipher behavior

Answer:

CTR


Quick Comparison

Mode | Memory Trigger
ECB | Same plaintext = same ciphertext
CBC | Ciphertext chains blocks together
CFB | Ciphertext becomes next IV
OFB | Encrypted output becomes next IV
CTR | Counter is encrypted and XOR'd

3

Easy D334 Memory Trick

Think of the handshake as a conversation:

Client Hello
↓
"Here's what I support."

Server Hello
↓
"I pick this cipher suite.
Here's my certificate."

Client Key Exchange
↓
"Here's the information needed
to create the session key."


So:


  • Client Hello = Supported cipher suites (3)

  • Server Hello = Certificate + chosen cipher suite (1)

  • Client Key Exchange = Session key material (2)


Thanks for catching that. On the OA, that matching should be 3, 1, 2, not 2, 1, 3. 👍



4

Correct.

The answer is:

128-bit blocks, variable length key (128, 192, or 256-bit)

D334 Memory Trick

AES is easy to memorize:

AES Block Size = Always 128 bits

AES Key Sizes = 128, 192, 256 bits

Notice:

The block size never changes.

Only the key size changes.


OA Cheat Code

If you see:

Algorithm | Block Size | Key Size
AES | 128-bit | 128, 192, 256
DES | 64-bit | 56-bit
3DES | 64-bit | 112 or 168-bit


Common OA Trap

Many students pick:

64-bit blocks, variable length key (128, 192, 256)

because they remember the AES key sizes but forget the block size.

Remember:

AES = 128-bit block size, always.

I would absolutely commit this to memory for the OA:

AES
Block = 128
Keys = 128, 192, 256

5

Correct.

The answer is:

PKCS #5

Why?

The key phrase is:

"deriving cryptographic keys from a password"

That's exactly what PKCS #5 covers.

It defines Password-Based Cryptography, including:

  • Password-based encryption

  • Key derivation functions

  • PBKDF2 (very important for D334)

D334 Memory Hook

Think:

PKCS #5 = Passwords

The 5 looks a little like an S:

PKCS #5
   ↓
Passwords


PKCS Cheat Sheet

PKCS | Remember
PKCS #1 | RSA
PKCS #5 | Passwords / PBKDF2
PKCS #10 | CSR (Certificate Signing Request)
PKCS #12 | Certificates + Private Keys in one file (.p12/.pfx)


OA Cheat Code

If you see:


  • Password-based encryption


  • Key derivation from passwords


  • PBKDF2

Answer:

PKCS #5

If you see:


  • CSR

Answer:

PKCS #10

If you see:


  • Certificate + private key in one file

Answer:

PKCS #12


Question 40: Your answer is correct.

6

Your answer is correct.

You selected:

  • RC5

  • XTEA

Those are both symmetric block ciphers.

Why the others are wrong

RC4

  • Symmetric, but a stream cipher, not a block cipher.

DSA

  • Digital Signature Algorithm

  • Asymmetric signature algorithm

  • Not a cipher at all

D334 Memory Hook

Think of the RC family:

Algorithm | Type
RC4 | Stream Cipher
RC5 | Block Cipher
RC6 | Block Cipher (AES finalist)

And:

Algorithm | Type
TEA | Block Cipher
XTEA | Block Cipher
AES | Block Cipher
DES | Block Cipher

OA Cheat Code

If you see:

RC4

Immediately think:

Stream Cipher

If you see:

RC5, RC6, XTEA, AES, DES, 3DES

Think:

Block Cipher

7

Which one is the odd one out?

A. AES
B. XTEA
C. RC4
D. RC5

Correct!

C. RC4 is the odd one out.

Algorithm | Type
AES | Block Cipher
XTEA | Block Cipher
RC5 | Block Cipher
RC4 | Stream Cipher

D334 Memory Hook

RC4 = Stream
RC5 = Block
RC6 = Block

This is a very common exam trap because RC4 and RC5 look almost identical by name.

Think:

RC4 "flows" like a stream.

RC5 works on blocks.

You're getting these algorithm classification questions right consistently, which is a good sign because the OA likes to test:


  • Block vs Stream


  • Symmetric vs Asymmetric


  • Cipher vs Hash vs Signature

8

Which algorithm is primarily used for digital signatures rather than encryption?

A. AES
B. DSA
C. RC5
D. ChaCha20

Correct!

B. DSA (Digital Signature Algorithm)

Why?

DSA is designed for:

Digital Signatures: yes
Encryption: no

Compare the choices

Algorithm | Purpose
AES | Symmetric Encryption
DSA | Digital Signatures
RC5 | Symmetric Encryption
ChaCha20 | Stream Cipher Encryption

D334 Memory Hook

Think:

DSA = Digital Signature Algorithm

The name literally gives away its purpose.


OA Cheat Code

Need to... | Use
Encrypt Data | AES, ChaCha20, RC5
Create Digital Signatures | DSA
Encrypt & Sign | RSA (can do both)

A common exam trap is confusing:

  • RSA → Encryption and signatures

  • DSA → Signatures only

9

Which hashing algorithm produces a 160-bit hash value and is considered cryptographically broken due to collision attacks?

A. SHA-256
B. SHA-512
C. SHA-1
D. SHA-3

Correct!

C. SHA-1

Why?

SHA-1 produces a:

160-bit hash

and is considered cryptographically broken because researchers have demonstrated practical collision attacks.

D334 Memory Hook

MD5   = 128-bit = Broken
SHA-1 = 160-bit = Broken
SHA-256 = 256-bit = Secure
SHA-512 = 512-bit = Secure


OA Cheat Code

If you see:

160-bit hash

Answer:

SHA-1

If you see:

Collision attacks

Broken hashing algorithm

Think:

MD5

SHA-1


Quick Comparison

Hash | Output Size | Status
MD5 | 128-bit | Broken
SHA-1 | 160-bit | Broken
SHA-256 | 256-bit | Secure
SHA-512 | 512-bit | Secure


Super Important OA Pattern

If the question says:

"Produces a 160-bit digest"

Don't overthink it.

Answer:

SHA-1

10

The answer is:

ECB (Electronic Codebook)

Why?

The key phrase is:

"identical plaintext blocks into identical ciphertext blocks"

That is the defining weakness of ECB.

Plaintext Block A → Ciphertext Block X
Plaintext Block A → Ciphertext Block X

Same plaintext + same key = same ciphertext.


What does this cause?

Because patterns remain visible, ECB is vulnerable to:

Pattern leakage

Copy-and-paste attacks

Block replay attacks


Compare to the others

Mode | Identical Plaintext = Identical Ciphertext?
ECB | Yes
CFB | No
OFB | No
CTR | No


D334 Memory Hook

ECB = Exposes Clear Blocks

or

ECB = Every Copy is the same Block

Whenever you see:


  • Pattern leakage


  • Same plaintext → same ciphertext


  • Copy-and-paste attacks

Answer:

ECB

11

The answer is:

AES (Advanced Encryption Standard)

Why?

The key phrase is:

"selected by NIST in 2001 as a standard for data encryption"

That's exactly what happened.

  • NIST held a competition to replace DES.

  • The winning algorithm was Rijndael.

  • After selection, it became AES.

  • Officially adopted in 2001.

D334 Memory Hook

2001
↓
NIST selects Rijndael
↓
Becomes AES


Why the others are wrong

FIPS


  • A publication standard, not an encryption algorithm.

Caesar


  • Ancient substitution cipher.

Camellia


  • Modern cipher, but not the NIST-selected AES standard.


OA Cheat Code

When you see:

NIST

2001

Encryption Standard

Answer:

AES


Quick Facts Worth Memorizing

Fact | Remember
AES adopted | 2001
AES block size | 128 bits
AES key sizes | 128, 192, 256
AES replaced | DES

12

The answer is:

XOR

Why?

RC4 is a stream cipher.

It works like this:

Plaintext
    XOR
Keystream
    =
Ciphertext


D334 Memory Hook

For all stream ciphers (RC4, ChaCha20, OFB, CTR):

Think:

Keystream + XOR

Keystream XOR Plaintext = Ciphertext


OA Cheat Code

If you see:


  • Stream cipher


  • RC4


  • ChaCha20


  • Keystream generation

Answer:

XOR


Easy Example

Suppose:

Plaintext = 1010
Keystream = 1100

XOR them:

1010
1100
----
0110

Ciphertext:

0110

That's the basic idea behind RC4.


One-Liner to Memorize

RC4 generates a pseudorandom keystream and XORs it with the plaintext.

13

Correct answer: PSK (Pre-Shared Key)

D334 Memory Hook

Think:

Home = PSK
Business = Enterprise


Why?

WPA/WPA2/WPA3 Personal

Uses:

PSK (Pre-Shared Key)

This is your typical home Wi-Fi password:

MyWiFiPassword123

Everyone uses the same password.



WPA/WPA2/WPA3 Enterprise

Uses:

RADIUS server

Individual user accounts

802.1X authentication

Common in:


  • Businesses


  • Universities


  • Hospitals


  • Government networks



OA Cheat Code

Environment | Mode
Home / Personal | PSK
Business / Corporate | Enterprise

Whenever you see:

Home network

Personal use

Small office

Answer:

PSK

Whenever you see:

RADIUS

802.1X

Corporate authentication

Answer:

Enterprise

So for Question #34:

Correct Answer: PSK

14

The answer is:

ECB (Electronic Codebook)

Why?

The key phrase is:

"encrypts each block independent of others"

That's the defining characteristic of ECB.

P1 → Encrypt → C1

P2 → Encrypt → C2

P3 → Encrypt → C3

Each block is treated separately.

No:


  • IV chaining


  • Ciphertext feedback


  • Output feedback


  • Counter values


Compare to the Others

ECB

Each block stands alone.


CBC

Previous ciphertext helps encrypt next block.


CFB

Ciphertext feeds back.


OFB

Encryption output feeds back.


D334 Memory Hook

For ECB, remember:

E = Each block is independent

or

ECB = Encrypts blocks by themselves


OA Cheat Code

If you see:


  • Independent blocks


  • Same plaintext → same ciphertext


  • Pattern leakage


  • Copy-and-paste attacks

Answer:

ECB

15

The answer is:

Pigpen Cipher

Why?

The key phrase is:

"mapping plaintext characters to graphical characters or symbols"

That's exactly what the Pigpen cipher does.

Instead of letters:

A B C

It uses symbols based on a grid:

┌ ┬ ┐
├ ┼ ┤
└ ┴ ┘

(and variations with dots).


Why the others are wrong

  • Caesar → Shifts letters (A→D, B→E, etc.)

  • Playfair → Encrypts pairs of letters (digraphs)

  • BIFID → Uses a Polybius square and fractionation

  • Pigpen → Replaces letters with symbols


D334 Memory Hook

Cipher | Remember
Caesar | Letter shifting
Vigenère | Keyword, polyalphabetic
Playfair | Letter pairs
4-Square | Four 5×5 matrices
Pigpen | Symbols instead of letters


OA Cheat Code

If you see:

Graphical symbols

Secret symbols

Masonic cipher

Answer:

Pigpen

16

Correct.

The answer is:

FREAK

Why?

The key phrase is:

"force them to accept weak 512-bit export-grade keys"

That's exactly what the FREAK attack does.

FREAK stands for:

Factoring RSA Export Keys

It exploits old export-grade cryptography restrictions and can downgrade a connection to weak 512-bit RSA keys.

D334 Memory Hook

FREAK
↓
Factoring RSA Export Keys
↓
512-bit export-grade RSA


Compare the Choices

Attack | Remember
FREAK | Weak 512-bit export RSA keys
POODLE | SSL 3.0 downgrade attack
Pre-image | Hash attack
Algebraic | Cryptanalysis technique


OA Cheat Code

If you see:


  • Export-grade encryption


  • 512-bit RSA


  • Downgrade to weak keys

Answer:

FREAK

17

Correct.

The answer is:

PKCS #5

Why?

The key phrase is:

"deriving cryptographic keys from a password"

PKCS #5 defines Password-Based Cryptography, including:

  • Password-Based Encryption (PBE)

  • Password-Based Key Derivation Functions

  • PBKDF2 (very important for D334)

D334 PKCS Cheat Sheet

PKCS | Remember
PKCS #1 | RSA
PKCS #5 | Passwords / PBKDF2
PKCS #10 | CSR (Certificate Signing Request)
PKCS #12 | Certificates + Private Keys (.p12/.pfx)

Memory Trick

PKCS #5
     ↓
Passwords
     ↓
PBKDF2

When you see:


  • Password-based encryption


  • Key derivation from passwords


  • PBKDF2

Answer:

PKCS #5

18

Correct.

The answer is:

DER (Distinguished Encoding Rules)

Why?

The key phrase is:

"binary format"

That's DER.

DER vs PEM (Very Common OA Question)

Format | Type
DER | Binary
PEM | Base64-encoded text

Memory Trick

Think:

DER = Data Encoded Raw
      ↓
    Binary

and

PEM
↓
Readable text
-----BEGIN CERTIFICATE-----


OA Cheat Code

If you see:

X.509 certificate in binary format

Answer:

DER

If you see:

-----BEGIN CERTIFICATE-----

Answer:

PEM

19

Correct answer: 24 bits

Why?

WEP uses:

  • RC4 stream cipher

  • 24-bit IV

  • Combined with either a 40-bit or 104-bit secret key

The 24-bit IV is actually one of WEP's biggest weaknesses because it is so small that IVs repeat frequently.

D334 Memory Hook

WEP = Weak
     ↓
24-bit IV

Or:

WEP
↓
24-bit IV
↓
IV Reuse
↓
Cracked


Common OA Trap

Students often pick 40 bits because they remember:

WEP originally used a 40-bit key.

But the question asks for the:

Initialization Vector (IV)

Answer:

24 bits


Wireless Cheat Sheet

Standard | IV Size
WEP | 24-bit IV
WPA/WPA2 | Uses TKIP/CCMP improvements
WPA3 | SAE authentication

20

Correct. CBC

The key phrase is:

"incorporates an IV for the first block and then feeds the result of the encryption into the next block."

That's exactly how CBC (Cipher Block Chaining) works.

Visual

Block 1

P1 ⊕ IV
   ↓
 Encrypt
   ↓
  C1

Block 2

P2 ⊕ C1
   ↓
 Encrypt
   ↓
  C2

Block 3

P3 ⊕ C2
   ↓
 Encrypt
   ↓
  C3


D334 Memory Hook

For CBC, memorize:

Ciphertext chains blocks together.

Or even shorter:

CBC = Cipher Block Chaining

The previous ciphertext becomes part of the next encryption operation.


How to distinguish the modes

Mode | Memory Trigger
ECB | Each block independent
CBC | Previous ciphertext helps encrypt next block
CFB | Ciphertext becomes next IV
OFB | Encrypted output becomes next IV
CTR | Counter is encrypted and XOR'd

21

Correct.

The answer is:

CTR (Counter Mode)

Why?

The key phrase is:

"Nonce"

CTR mode typically uses:

Nonce + Counter

Then encrypts that value:

Nonce + Counter
        ↓
     Encrypt
        ↓
    Keystream
        ↓
      XOR
        ↓
   Ciphertext


D334 Cheat Code

When you see:

Clue | Answer
Nonce | CTR
Counter | CTR
Parallel encryption | CTR
Stream cipher behavior | CTR


Memory Hook

CTR
↓
Counter Mode
↓
Nonce + Counter


Why the others are wrong

  • ECB → No IV, no nonce.

  • CBC → Uses an IV.

  • CFB → Uses an IV.

  • CTR → Uses a nonce and counter.

This is one of the easiest pattern-recognition questions on the OA:

Nonce = CTR

22

Correct.

The two symmetric block ciphers are:

RC5
XTEA

Why?

Algorithm | Type
RC5 | Symmetric Block Cipher
XTEA | Symmetric Block Cipher
RC4 | Symmetric Stream Cipher
DSA | Digital Signature Algorithm

D334 Memory Hook

RC4 = Stream
RC5 = Block

That's one of the most common OA traps.

And:

TEA = Block
XTEA = Block

23

Initialization

  • Certificate is requested and created.

  • Identity is verified.

  • Certificate validation/checking occurs before trust is established.

Issued

  • The certificate has already been created and distributed.

  • The validation work has essentially already happened.

Cancellation

  • Certificate is revoked or terminated.

D334 Exam Pattern

When WGU asks:

"At which stage would certificate validation occur?"

The answer is typically:

Initialization

Because that's the phase where the CA validates identity and the certificate enters the trust chain.

Memory Hook

Initialization = Validate and Create
Issued = Use
Cancellation = Revoke

So I would answer:

Initialization

24

Correct.

The answer is:

128 bits

D334 Memory Hook

This is one of the highest-yield facts on the OA:

AES
Block Size = 128 bits (ALWAYS)

Key Sizes = 128, 192, 256 bits


Common OA Trap

Students often confuse:

  • Block Size

  • Key Size

Remember:

AES-128
AES-192
AES-256

Those numbers refer to the key size, not the block size.

The block size remains:

128 bits


Quick Memory Phrase

"AES always blocks at 128."

No matter whether the key is:


  • 128-bit


  • 192-bit


  • 256-bit

the block size is still:

128 bits

25

Correct answer: HMAC

The key phrases are:

"cryptographic hash function"

"symmetric secret key"

"integrity and authenticity"

That is the textbook definition of HMAC (Hash-based Message Authentication Code).

D334 Memory Hook

HMAC
=
Hash + Secret Key


What does HMAC provide?

Provides: Integrity (message wasn't changed)

Provides: Authentication/Authenticity (came from someone who knows the secret key)

Does not provide: Confidentiality (HMAC does NOT encrypt data)


Why the others are wrong

  • OTP → One-Time Pad password/token concept, not hash + key.

  • Padding → Adds bytes to data before encryption.

  • Tunneling → Encapsulates traffic (VPNs, IPSec, etc.).


OA Cheat Code

If you see:

Hash + Secret Key

Answer:

HMAC

If you see:

Integrity + Authenticity

Answer:

HMAC


Quick Comparison

Technology | Purpose
Hash | Integrity
HMAC | Integrity + Authenticity
Encryption | Confidentiality
Digital Signature | Integrity + Authenticity + Nonrepudiation

🎯 Question #21: HMAC

26

Correct answer: Initialization

Why?

The key word is:

Registration

Certificate registration happens at the beginning of the certificate lifecycle.

Simple Lifecycle

Initialization
↓
Registration
Validation
Key Generation
Certificate Request

Issued
↓
Certificate is Active and Being Used

Cancellation
↓
Revoked / Expired


D334 Memory Hook

Think:

Stage | What Happens
Initialization | Registration, validation, setup
Issued | Certificate is active and in use
Cancellation | Revocation, expiration, termination


OA Cheat Code

If you see:

Registration

Answer:

Initialization

If you see:

Revocation

Answer:

Cancellation

If you see:

Certificate is being used

Answer:

Issued

27

Correct.

The answer is:

128-bit RC4

WPA vs WPA2 Cheat Sheet

Standard | Cipher
WEP | RC4
WPA | RC4 (with TKIP)
WPA2 | AES (CCMP)
WPA3 | AES + SAE

D334 Memory Hook

WEP  → RC4
WPA  → RC4
WPA2 → AES
WPA3 → AES


Common OA Trap

Many students see:

"WPA"

and immediately pick AES because AES is more modern.

But:

  • WPA = RC4 + TKIP

  • WPA2 = AES + CCMP


Extra Fact

WPA uses:

  • RC4

  • 128-bit key

  • TKIP

So from the choices:

128-bit RC4

🎯 Question #19: Correct.

28

Correct.

The answer is:

PKCS #12

Why?

The key phrases are:

"storing certificate information"

"private keys"

"single file"

"chain of trust"

That's exactly what PKCS #12 was designed for.

D334 Memory Hook

Think:

PKCS #12
=
Everything in one package

It can contain:


  • Certificates


  • Private keys


  • Public keys


  • Certificate chains

Common file extensions:

.p12
.pfx


PKCS Cheat Sheet (Memorize This)

PKCS | Remember
PKCS #1 | RSA
PKCS #5 | Passwords / PBKDF2
PKCS #10 | CSR (Certificate Signing Request)
PKCS #12 | Certificate + Private Key Container


OA Pattern Recognition

If you see:

CSR

Answer:

PKCS #10

If you see:

Password-derived keys / PBKDF2

Answer:

PKCS #5

If you see:

Certificate + Private Key + Chain of Trust

Answer:

PKCS #12

29

Correct.

The answer is:

Symmetric encryption

Why?

The key phrases are:

"fast"

"efficient"

"large amounts of data"

"real-time communications"

Those are all clues for symmetric encryption.

D334 Cheat Code

Symmetric | Asymmetric
Fast | Slow
Efficient | Computationally expensive
Large amounts of data | Key exchange & signatures
One shared secret key | Public/private key pair

Memory Hook

Think:

Symmetric = Speed
Asymmetric = Security Services


Real-World Example

When you visit a website:

  1. Asymmetric encryption (RSA/ECC) is often used to exchange a session key.

  2. Symmetric encryption (AES) is then used for the actual data transfer because it's much faster.


OA Pattern Recognition

If you see:


  • Fast


  • Efficient


  • Bulk data encryption


  • Real-time communications


  • Large files

Answer:

Symmetric Encryption

If you see:


  • Digital signatures


  • Key exchange


  • Public/private keys


  • Nonrepudiation

Answer:

Asymmetric Encryption

30

Correct.

The answer is:

192 bits

AES Rounds Cheat Code (Memorize This)

AES Key Size | Rounds
128-bit | 10 rounds
192-bit | 12 rounds
256-bit | 14 rounds

Memory Trick

Think:

128 → 10
192 → 12
256 → 14

Notice the pattern:

10 → 12 → 14

As the key size increases, the number of rounds increases.


OA Pattern Recognition

If you see:

12 rounds

Answer:

192-bit key

If you see:

14 rounds

Answer:

256-bit key

If you see:

10 rounds

Answer:

128-bit key

31

Correct.

The answer is:

PRNG (Pseudo-Random Number Generator)

Why?

The key phrase is:

"fast, but periodic in nature"

That's exactly how a PRNG works.

A PRNG:

  • Starts with a seed value.

  • Generates numbers very quickly.

  • Eventually repeats its sequence (periodic).

Compare PRNG vs TRNG

Type | Characteristics
PRNG | Fast, deterministic, periodic
TRNG | Slower, truly random, based on physical phenomena

D334 Memory Hook

PRNG
↓
Pseudo
↓
Predictable from a seed
↓
Fast
↓
Eventually repeats

TRNG
↓
True Random
↓
Physical source
↓
Slower
↓
Does not follow a predictable sequence


OA Cheat Code

If you see:

Fast

Seed

Periodic

Answer:

PRNG

If you see:

Physical noise

Radioactive decay

Atmospheric noise

Truly random

Answer:

TRNG

32

Correct.

The answer is:

RSA

Why?

The key phrases are:

"asymmetric cipher"

"1024 to 4096-bit keys"

"partially homomorphic"

Those are all clues for RSA.

Why the others are wrong

Algorithm | Type
RC4 | Symmetric Stream Cipher
AES | Symmetric Block Cipher
ChaCha | Symmetric Stream Cipher
RSA | Asymmetric Cipher

D334 Memory Hook

Think:

RSA
↓
Large Keys
1024
2048
3072
4096


OA Cheat Code

If you see:

1024–4096 bit keys

Answer:

RSA

If you see:

Public key / Private key

Answer:

RSA (or another asymmetric algorithm)


Extra Fact (for recognition)

RSA is often described as partially homomorphic because certain mathematical operations can be performed on ciphertexts and still produce meaningful results after decryption.

For the OA, though, I'd focus on:

RSA
=
Asymmetric
=
1024–4096-bit keys

33

Correct answer: Skipjack

Why?

The key phrase is:

"Clipper Chip"

The Clipper Chip used the:

Skipjack cipher

This was a U.S. government initiative in the 1990s that included key escrow, meaning the government could potentially access encrypted communications.

D334 Memory Hook

Clipper Chip
     ↓
  Skipjack

That's really all you need to memorize.


Why the others are wrong

Cipher | Remember
Blowfish | Bruce Schneier block cipher
Twofish | AES finalist
Camellia | Modern block cipher similar to AES
Skipjack | Clipper Chip cipher


OA Cheat Code

If you see:

Clipper Chip

Answer:

Skipjack

If you see:

Key Escrow + 1990s government encryption project

Answer:

Skipjack

34

Correct.

The answer is:

Initialization Vectors (IVs)

Why?

The key phrase is:

"same plaintext will produce a different ciphertext each time"

That's exactly what an IV is designed to accomplish.

ECB vs CBC/CFB/OFB

ECB

HELLO
↓
Encrypt
↓
ABC123

HELLO
↓
Encrypt
↓
ABC123

Same plaintext → Same ciphertext


CBC, CFB, OFB

HELLO + IV1
↓
Encrypt
↓
XYZ789

HELLO + IV2
↓
Encrypt
↓
LMN456

Same plaintext → Different ciphertext


D334 Memory Hook

When you see:

Same plaintext, different ciphertext

Think:

IV

When you see:

CBC, CFB, OFB

Think:

Uses an IV


One Important Distinction

For the OA:

  • CBC, CFB, OFB → Think IV

  • CTR → Think Nonce + Counter

That's why the answer is IV, not nonce.

35

Correct.

The answer is:

6

Why?

Modulus (mod) means:

What's the remainder after division?

So:

54 ÷ 8 = 6 remainder 6

Because:

8 × 6 = 48
54 - 48 = 6

Therefore:

54 mod 8 = 6


D334 Memory Trick

For any mod question:


  1. Divide.


  2. Ignore the quotient.


  3. Keep the remainder.

Example:

17 mod 5
17 ÷ 5 = 3 remainder 2

Answer:

17 mod 5 = 2

36

Correct answer: Padding

Why?

The question says:

"If the password contains less than 14 characters"

LM Hash expects a 14-character password.

If the password is shorter than 14 characters, Windows:

Pads it with null characters (NULL bytes)

to make it exactly 14 characters long before processing.

D334 Memory Hook

Think:

Too short?
↓
Pad it

Too long?
↓
Truncate it


Example

Password:

DOG

LM Hash internally does something like:

DOG___________

(adding padding until it reaches 14 characters)


OA Cheat Code

Situation | Technique
Password shorter than required length | Padding
Password longer than allowed length | Truncation

37

Correct.

The answer is:

CFB (Cipher Feedback)

Why?

The key phrase is:

"self-synchronizing stream cipher"

That's the textbook description of CFB.

D334 Memory Hooks

Mode | Remember
CFB | Self-synchronizing stream cipher
OFB | Synchronous stream cipher
ECB | Independent blocks

The Easy Way to Remember

CFB

Cipher Feedback
↓
Ciphertext feeds back
↓
Self-synchronizing

OFB

Output Feedback
↓
Encryption output feeds back
↓
Synchronous stream cipher


OA Cheat Code

If you see:

Self-synchronizing stream cipher

Answer:

CFB

If you see:

Converts a block cipher into a stream cipher

Encrypted IV becomes the next IV

Answer:

OFB

38

Correct.

The answer is:

160 bits

D334 Hash Size Cheat Sheet

Hash Algorithm | Output Size
MD5 | 128-bit
SHA-1 | 160-bit
SHA-224 | 224-bit
SHA-256 | 256-bit
SHA-384 | 384-bit
SHA-512 | 512-bit

Memory Hook

MD5    = 128
SHA-1  = 160
SHA-256 = 256
SHA-512 = 512


OA Cheat Code

If you see:

160-bit hash

Answer:

SHA-1

If you see:

Broken due to collision attacks

Answer:

SHA-1 (or MD5 depending on choices)

39

Correct answer: Decreased

Why?

Larger keys provide:

More security

But they also require:

More processing power

More computation time

Therefore:

Performance decreases as key size increases.

Easy Example

AES-128 → Faster
AES-192 → Slower
AES-256 → Slowest

More security, but more work for the computer.


D334 Memory Hook

Bigger Key
↓
More Security
↓
More Processing
↓
Lower Performance


OA Cheat Code

If you see:

Larger key size

and the question asks about:

Performance

Answer:

Decreased

If the question asks about:

Security

Answer:

Increased


Quick Contrast

Larger Key Size | Effect
Security | Increased
Performance | Decreased

40

Correct answer: 50

This is one of those annoying IPSec memorization questions.

IPSec Cheat Sheet

Item | Number
ESP | 50
AH | 51
IKE | UDP 500
NAT-T | UDP 4500

Memory Trick

ESP = 50
AH  = 51

Think:

ESP goes first = 50
AH comes after = 51


Why 500 looked tempting

Because:

UDP 500 = IKE

IKE is used to negotiate IPSec tunnels.

But the question asks:

Protocol number for IPSec ESP

Not the port number for IKE.


OA Cheat Code

If you see:

ESP

Answer:

50

If you see:

AH

Answer:

51

If you see:

IKE

Answer:

UDP 500

If you see:

NAT Traversal (NAT-T)

Answer:

UDP 4500

41

Correct.

You answered:

B = PKCS #10

And that is the correct answer.

Why?

The key phrase is:

Certificate Signing Request (CSR)

A CSR uses the standard:

PKCS #10

D334 PKCS Cheat Sheet

PKCS | Remember
PKCS #1 | RSA
PKCS #5 | Passwords / PBKDF2
PKCS #10 | CSR (Certificate Signing Request)
PKCS #12 | Certificate + Private Key Container (.p12/.pfx)

Memory Trick

PKCS #10
     ↓
Certificate
Signing
Request

Or:

Need a certificate?
↓
Submit a CSR
↓
PKCS #10


OA Cheat Code

If you see:

CSR

Answer:

PKCS #10

If you see:

Certificate + Private Key + Chain of Trust

Answer:

PKCS #12

If you see:

Password-derived keys / PBKDF2

Answer:

PKCS #5

42

Correct.

The answer is:

Copy and Paste Attack

Why?

The key phrase is:

ECB (Electronic Codebook)

ECB encrypts identical plaintext blocks into identical ciphertext blocks.

That allows an attacker to:

  • Copy ciphertext blocks

  • Move them around

  • Paste them elsewhere

without needing to decrypt them.

D334 Memory Hook

ECB
↓
Same plaintext
↓
Same ciphertext
↓
Copy & Paste Attack


OA Cheat Code

If you see:

ECB

Think:

Pattern leakage

Identical plaintext = identical ciphertext

Copy-and-paste attacks


Why the others are wrong

DROWN


  • SSL/TLS attack.

Whale phishing


  • Social engineering attack.

Rainbow table


  • Password hash attack.

Copy and paste


  • ECB weakness.


Super Important OA Association

ECB ↔ Copy-and-Paste Attack

43

Correct.

The answer is:

256 bits

AES Rounds Cheat Sheet (Must Memorize)

Key Size | Rounds
128-bit | 10
192-bit | 12
256-bit | 14

Memory Trick

128 → 10
192 → 12
256 → 14

Just remember:

10 → 12 → 14

As the key size increases, the rounds increase.


OA Cheat Code

If you see:

10 rounds

Answer:

AES-128

If you see:

12 rounds

Answer:

AES-192

If you see:

14 rounds

Answer:

AES-256

44

Correct.

The answer is:

PKCS #1

Why?

The key phrases are:

digital signatures

generation and verification

PKI

PKCS #1 defines the RSA Cryptography Standard, including:

  • RSA encryption

  • RSA digital signatures

  • Signature generation

  • Signature verification

D334 PKCS Cheat Sheet

PKCS | Remember
PKCS #1 | RSA, digital signatures
PKCS #5 | Passwords, PBKDF2
PKCS #7 | Cryptographic message syntax (CMS)
PKCS #10 | CSR (Certificate Signing Request)
PKCS #12 | Certificates + Private Keys (.p12/.pfx)

Memory Trick

PKCS #1
↓
RSA
↓
Digital Signatures


OA Cheat Code

If you see:

RSA

Digital signatures

Signature verification

Answer:

PKCS #1

If you see:

CSR

Answer:

PKCS #10

If you see:

Password-derived keys / PBKDF2

Answer:

PKCS #5

If you see:

Certificate + Private Key Container

Answer:

PKCS #12

45

Correct answer: FIPS 186

This is one of the annoying memorization questions.

D334 Memory Hook

DSA
↓
Digital Signature Algorithm
↓
FIPS 186


Why the confusion?

  • FIPS 186 = Digital Signature Standard (DSS) → Introduced DSA

  • FIPS 199 = Standards for Security Categorization of Federal Information and Information Systems


OA Cheat Code

If you see:

DSA

or

Digital Signature Standard (DSS)

Answer:

FIPS 186


Quick Memory Table

FIPS | Remember
FIPS 186 | DSA / DSS
FIPS 197 | AES
FIPS 180 | Secure Hash Standard (SHA family)
FIPS 199 | Security Categorization

🎯 Question #3: Correct answer = FIPS 186

46

Correct.

The answer is:

AES

Wireless Security Cheat Sheet

Standard | Encryption
WEP | RC4
WPA | RC4 + TKIP
WPA2 | AES + CCMP
WPA3 | AES + SAE

Memory Trick

WEP  → RC4
WPA  → RC4
WPA2 → AES
WPA3 → AES


Why the others are wrong

SHA-256


  • Hashing algorithm, not wireless encryption.

RC4


  • Used by WEP and WPA, not WPA2.

RSA


  • Asymmetric algorithm for key exchange/signatures.

AES


  • Encryption algorithm used by WPA2.


OA Cheat Code

If you see:

WPA2

Answer:

AES

If you see:

WEP

Answer:

RC4

If you see:

WPA

Answer:

RC4/TKIP

47

Correct answer: 3DES

The clue is:

K1 → K2 → K1

That is the classic 2-key 3DES pattern.

Memory Trick

3DES
↓
DES three times

Encrypt with K1
Decrypt with K2
Encrypt with K1

Often written as:

E(K1) → D(K2) → E(K1)


D334 Cheat Sheet

Algorithm | Remember
DES | One 56-bit key
3DES | K1 → K2 → K1
AES | Modern replacement for DES/3DES
RSA | Asymmetric
MD4 | Hashing algorithm


OA Pattern Recognition

If you see:

K1, K2, K1

Answer:

3DES

If you see:

Triple encryption of DES

Answer:

3DES


Bonus Fact

There are two common versions:

2-Key 3DES

K1 → K2 → K1

3-Key 3DES

K1 → K2 → K3

For the OA, when they mention:

K1, K2, then K1 again

They're specifically describing:

3DES
