A review question in the CWSP Official Study Guide (Sybex, 2010) caught my eyes: a simple question about encryption methods.
[i]Which of these encryption technologies have been cracked? (Choose all that apply.)
(A) 64-bit WEP
(D) 128-bit WEP
(E) Wired Equivalent Privacy[/i]
You will definitely pick up the options (A), (D), and (E) at first glance, right? Since WEP has been cracked and considered no longer a secure encryption method.
If you did so, well, you made the look-like right choice.
Why 'look-like'? Because the answers to this question according to the study guide are (A), (D), and (E).
But wait. How about the option (B)?
TKIP/RC4 is a good choice for Wi-Fi devices not supporting the advanced CCMP/AES encryption. But [url=http://www.networkworld.com/news/2009/082709-new-attack-cracks-common-wi-fi.html?page=1]WPA-TKIP was cracked[/url] last August by Japanese scientists. They demonstrated a practical attack that could crack TKIP in just one minute.
Both of [url=http://www.h-online.com/security/news/item/WEP-and-TKIP-Wi-Fi-encryption-methods-to-be-discontinued-1024835.html]WEP and WPA-TKIP will be removed from the Wi-Fi Alliance's test schedule[/url] over the following years. Enterprises will be forced to upgrade to WPA2-AES finally.
Back to the review question. So the option (B) will also be added to the answer list, I guess?
My suggestion: as a CWNP candidate, paying attention to industry news/updates is equally important.
My question: if such a question appears in real CWNP exams, how to deal with it?