5) CWNPCert: Wireless LAN Administration
Objective: 802.11 Network Security
SubObjective: 802.11 Network Security Architecture
Single Answer Multiple Choice
Which of the following is NOT a known weakness of WEP?
A. WEP does not encrypt the IP and TCP headers, only the data
B. WEP does not protect against replay attacks
C. WEP does not protect against forgeries
D. WEP does not natively provide a way to centrally manage the keys
Answer:
A. WEP does not encrypt the IP and TCP headers, only the data
Tutorial:
WEP is a Layer 2 encryption. WEP encrypts everything above Layer 2. This would include items on Layer 3 and Layer 4, such as IP headers and TCP headers.
WEP does not protect against replay attacks. TKIP uses sequencing via the Transmit Sequence Counter (TSC) to protect against replay
WEP does not protect against forgeries. The linear CRC has been shown to be susceptible to manipulation of the data without detection. The non-linear Message Integrity Check (MIC) in TKIP protects against forgeries.
WEP does not natively provide a way to manage the keys centrally. They must be updated manually when they are changed.
Reference:
CWNA Study Guide Revision 3, pp. 426-429.