Wireless Security Weaknesses: WEP | CCIE Security Exam | Cisco

WEP Security Weaknesses

Prev Question Next Question

Question

Which three statements describe the security weaknesses of WEP? (Choose three.)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E.

ABC.

WEP (Wired Equivalent Privacy) is an encryption protocol designed to provide confidentiality and integrity to wireless networks. However, it has several security weaknesses that make it vulnerable to attacks. The three statements that describe the security weaknesses of WEP are:

A. Key strength is weak and non-standardized: WEP uses a 40-bit or 104-bit key to encrypt data. This key is too short and can be easily cracked using brute-force attacks. Moreover, the key is not standardized, and different vendors may use different algorithms to generate keys, making it difficult to ensure interoperability and security.

B. The WEP ICV algorithm is not optimal for cryptographic integrity checking: WEP uses the Integrity Check Value (ICV) algorithm to ensure data integrity. However, this algorithm is not optimal and can be easily bypassed by attackers. For example, an attacker can modify the data and recalculate the ICV without being detected.

C. There is no key distribution mechanism: WEP does not provide a secure key distribution mechanism. Instead, it relies on manually configuring the key on each device. This makes it difficult to manage and update keys, and also makes it vulnerable to insider attacks.

D. Its key rotation mechanism is too predictable: WEP has a key rotation mechanism that allows changing the encryption key periodically. However, this mechanism is too predictable and follows a fixed pattern. This makes it easy for attackers to predict the next key and launch attacks.

E. For integrity, it uses MD5, which has known weaknesses: WEP uses the Message Digest 5 (MD5) algorithm to ensure data integrity. However, MD5 has known weaknesses, and it is vulnerable to collision attacks. This means that an attacker can generate two different data sets with the same MD5 hash, allowing them to modify the data without being detected.

In summary, WEP has several security weaknesses that make it vulnerable to attacks. It is recommended to use more secure encryption protocols, such as WPA2 or WPA3, to protect wireless networks.