You are a penetration tester for a network security consulting company. You are currently on-site at a customer's premises and are doing your first analysis of the customer's network security. You check if they are using Wifi and find that they are using a deprecated protocol with known vulnerabilities. Which of the options is most likely being used?
Correct Incorrect Unanswered Report Issue Answer Description
Wired Equivalent Privacy (WEP) was a commonly used security protocol for encrypted wireless networks. It has been deprecated and is outdated with known vulnerabilities. WEP should not be used, instead a newer and more robust option like WPA2 should be implemented.
Wikipedia
Wired Equivalent Privacy (WEP) was a severely flawed security algorithm for 802.11 wireless networks. Introduced as part of the original IEEE 802.11 standard ratified in 1997, its intention was to provide data confidentiality comparable to that of a traditional wired network. WEP, recognizable by its key of 10 or 26 hexadecimal digits (40 or 104 bits), was at one time widely used, and was often the first security choice presented to users by router configuration tools.Subsequent to a 2001 disclosure of a severe design flaw in the algorithm, WEP was never again secure in practice. In the vast majority of cases, Wi-Fi hardware devices relying on WEP security could not be upgraded to secure operation. Some of the design flaws were addressed in WEP2, but WEP2 also proved insecure, and another generation of hardware could not be upgraded to secure operation.
In 2003, the Wi-Fi Alliance announced that WEP and WEP2 had been superseded by Wi-Fi Protected Access (WPA). In 2004, with the ratification of the full 802.11i standard (i.e. WPA2), the IEEE declared that both WEP-40 and WEP-104 have been deprecated. WPA retained some design characteristics of WEP that remained problematic.
WEP was the only encryption protocol available to 802.11a and 802.11b devices built before the WPA standard, which was available for 802.11g devices. However, some 802.11b devices were later provided with firmware or software updates to enable WPA, and newer devices had it built in.
Wired_Equivalent_Privacy - Wikipedia, the free encyclopedia Subscribe to avoid duplicate questions and track your progress over time