WEP is the only option that matches the combination of RC4 and a 24-bit initialization vector. In CEH materials, WEP is described as an early Wi-Fi security standard that uses the RC4 stream cipher together with a short 24-bit IV that is concatenated with a shared secret key to form the per-packet RC4 key stream. The critical weakness is that a 24-bit IV is far too small for busy networks. Because there are only about 16.7 million possible IV values, IV reuse occurs quickly, especially under high traffic. When IVs repeat, the same RC4 key stream can be reused, allowing attackers to apply statistical attacks against captured packets and recover the WEP key. CEH emphasizes that the problem is not only IV reuse but also weaknesses in how WEP uses RC4 with IVs, enabling practical key recovery using readily available tools once enough packets are collected.

WPA and WPA2 improved on WEP by introducing stronger key management and integrity protections. WPA uses TKIP, which still relies on RC4 in many deployments, but it does not use a simple 24-bit IV in the same weak manner as WEP and includes per-packet key mixing and additional integrity checks. WPA2 and WPA3 move away from RC4 entirely, using AES-based protections such as CCMP for WPA2 and more modern enhancements in WPA3. Therefore, the observed RC4 with a 24-bit IV precisely identifies WEP.