WEP has vulnerabilities Which of the following is not a reas

WEP has vulnerabilities. Which of the following is not a reason why it is vulnerable?

A. Shared WEP keys among all clients

B. An RC4 engine not properly initialized

C. 20-bit initialization vector

D. 40-bit WEP keys

Solution

C. One issue with WEP is the initialization vector (IV), it was 24 bits, not 20. Answers A, B, and D detail some of the vulnerabilities of WEP. For example, WEP uses a single shared key among all clients, which means that you are authenticating groups, not devices or single users. Also, RC4 is the correct encryption type and can be implemented in 40- or 104-bit configuration, but WEP does not properly initialize it. This means that the key values roll over and are predictable. Finally, a 24-bit IV vector is too short, and a 40-bit key is weak.