A security administrator discovered that all communication over the company’s encrypted wireless network is
being captured by savvy employees with a wireless sniffing tool and is then being decrypted in an attempt to
steal other employee’s credentials. Which of the following technology is MOST likely in use on the company’s
wireless?

A.
WPA with TKIP

B.
VPN over open wireless

C.
WEP128-PSK

D.
WPA2-Enterprise

Explanation:
WEP’s major weakness is its use of static encryption keys. When you set up a router with a WEP encryption
key, that one key is used by every device on your network to encrypt every packet that’s transmitted. But the
fact that packets are encrypted doesn’t prevent them from being intercepted, and due to some esoteric
technical flaws it’s entirely possible for an eavesdropper to intercept enough WEP-encrypted packets to
eventually deduce what the key is.
This problem used to be something you could mitigate by periodically changing the WEP key (which is why
routers generally allow you to store up to four keys). But few bothers to do this because changing WEP keys is
inconvenient and time-consuming because it has to be done not just on the router, but on every device that
connects to it. As a result, most people just set up a single key and then continue using it ad infinitum.
Even worse, for those that do change the WEP key, new research and developments reinforce how even
changing WEP keys frequently is no longer sufficient to protect a WLAN. The process of ‘cracking’ a WEP key
used to require that a malicious hacker intercept millions of packets plus spend a fair amount of time and
computing power. Researchers in the computer science department of a German university recently
demonstrated the capability to compromise a WEP-protected network very quickly. After spending less than a
minute intercepting data (fewer than 100,000 packets in all) they were able to compromise a WEP key in just
three seconds.