nerdexam
GIAC

GPEN · Question #310

GPEN Question #310: Real Exam Question with Answer & Explanation

The correct answer is A. The Initialization Vector (IV) field of WEP is only 24 bits long. C. WEP uses the RC4 encryption algorithm. D. Automated tools such as AirSnort are available for discovering WEP keys.. WEP has well-documented cryptographic weaknesses including a short 24-bit IV, use of the RC4 stream cipher, and susceptibility to automated cracking tools - all of which make statements A, C, and D correct.

Question

Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security equivalent to wired networks for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. Which of the following statements are true about WEP? Each correct answer represents a complete solution. Choose all that apply.

Options

  • AThe Initialization Vector (IV) field of WEP is only 24 bits long.
  • BIt provides better security than the Wi-Fi Protected Access protocol.
  • CWEP uses the RC4 encryption algorithm.
  • DAutomated tools such as AirSnort are available for discovering WEP keys.

Explanation

WEP has well-documented cryptographic weaknesses including a short 24-bit IV, use of the RC4 stream cipher, and susceptibility to automated cracking tools - all of which make statements A, C, and D correct.

Common mistakes.

  • B. WEP provides significantly worse security than WPA because WPA introduced TKIP with per-packet key mixing and message integrity checks that directly addressed WEP's vulnerabilities.

Concept tested. WEP protocol weaknesses and cryptographic flaws

Reference. https://www.ieee802.org/11/

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GPEN Practice