CompTIA Security Plus Mock Test Q1027

Which of the following is a concern when encrypting wireless data with WEP?

A. WEP displays the plain text entire key when wireless packet captures are reassembled
B. WEP implements weak initialization vectors for key transmission
C. WEP uses a very weak encryption algorithm
D. WEP allows for only four pre-shared keys to be configured

Correct Answer: B
Section: Cryptography

Explanation:
The initialization vector (IV) that WEP uses for encryption is 24-bit, which is quite weak and means that IVs are reused with the same key. By examining the repeating result, it was
easy for attackers to crack the WEP secret key. This is known as an IV attack.

Incorrect Answers:
A: WEP does not display the entire key as plain text.
B: The WEP encryption algorithm is not the main WEP weakness.
D: WEP has no restrictions on the number of pre-shared keys.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 171, 258