An employee connects a wireless access point to the only jack in the conference room to provide
Internet access during a meeting. The access point is configured to use WPA2-TKIP. A malicious
user is able to intercept clear text HTTP communication between the meeting attendees and the
Internet. Which of the following is the reason the malicious user is able to intercept and see the
clear text communication?

A.
The malicious user has access to the WPA2-TKIP key.

B.
The wireless access point is broadcasting the SSID.

C.
The malicious user is able to capture the wired communication.

D.
The meeting attendees are using unencrypted hard drives.

Explanation:
In this question, the wireless users are using WPA2-TKIP. While TKIP is a weak encryption
protocol, it is still an encryption protocol. Therefore, the wireless communications between the
laptops and the wireless access point are encrypted.
The question states that user was able to intercept ‘clear text’ HTTP communication between the
meeting attendees and the Internet. The HTTP communications are unencrypted as they travel
over the wired network. Therefore, the malicious user must have been able to capture the wired
communication.
TKIP and AES are two different types of encryption that can be used by a Wi-Fi network. TKIP
stands for “Temporal Key Integrity Protocol.” It was a stopgap encryption protocol introduced with
WPA to replace the very-insecure WEP encryption at the time. TKIP is actually quite similar to
WEP encryption. TKIP is no longer considered secure, and is now deprecated.