Forum

  • A review question in the CWSP Official Study Guide (Sybex, 2010) caught my eyes: a simple question about encryption methods.

    [i]Which of these encryption technologies have been cracked? (Choose all that apply.)

    (A) 64-bit WEP

    (B) TKIP/RC4

    (C) CCMP/AES

    (D) 128-bit WEP

    (E) Wired Equivalent Privacy[/i]

    You will definitely pick up the options (A), (D), and (E) at first glance, right? Since WEP has been cracked and considered no longer a secure encryption method.

    If you did so, well, you made the look-like right choice.

    Why 'look-like'? Because the answers to this question according to the study guide are (A), (D), and (E).

    But wait. How about the option (B)?

    TKIP/RC4 is a good choice for Wi-Fi devices not supporting the advanced CCMP/AES encryption. But [url=http://www.networkworld.com/news/2009/082709-new-attack-cracks-common-wi-fi.html?page=1]WPA-TKIP was cracked[/url] last August by Japanese scientists. They demonstrated a practical attack that could crack TKIP in just one minute.

    Both of [url=http://www.h-online.com/security/news/item/WEP-and-TKIP-Wi-Fi-encryption-methods-to-be-discontinued-1024835.html]WEP and WPA-TKIP will be removed from the Wi-Fi Alliance's test schedule[/url] over the following years. Enterprises will be forced to upgrade to WPA2-AES finally.

    Back to the review question. So the option (B) will also be added to the answer list, I guess?

    My suggestion: as a CWNP candidate, paying attention to industry news/updates is equally important.

    My question: if such a question appears in real CWNP exams, how to deal with it?

Page 1 of 1
  • 1