Which statement about WEP is true?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the EC-Council Certified Security Specialist (ECSS) Test. Enhance your skills with flashcards and multiple-choice questions; each question provides hints and explanations. Prepare confidently for your exam!

Multiple Choice

Which statement about WEP is true?

Explanation:
WEP is designed to provide wireless traffic confidentiality, but its design has critical flaws that prevent it from delivering adequate security. It encrypts data with RC4 using a shared key plus a 24-bit initialization vector. That IV is far too small for typical network speeds, so IVs repeat quickly. When the same keystream is used more than once, attackers can observe relationships between packets and recover plaintext or deduce the key, enabling both eavesdropping and packet injection. The integrity check WEP uses is a CRC-32, which isn’t cryptographically strong and can be manipulated without easily detectable tampering. These weaknesses mean WEP should not be trusted for real security; it falls short of providing adequate protection. Upgrading to WPA or WPA2 with stronger encryption is the recommended approach for wireless networks.

WEP is designed to provide wireless traffic confidentiality, but its design has critical flaws that prevent it from delivering adequate security. It encrypts data with RC4 using a shared key plus a 24-bit initialization vector. That IV is far too small for typical network speeds, so IVs repeat quickly. When the same keystream is used more than once, attackers can observe relationships between packets and recover plaintext or deduce the key, enabling both eavesdropping and packet injection. The integrity check WEP uses is a CRC-32, which isn’t cryptographically strong and can be manipulated without easily detectable tampering. These weaknesses mean WEP should not be trusted for real security; it falls short of providing adequate protection. Upgrading to WPA or WPA2 with stronger encryption is the recommended approach for wireless networks.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy