An employee connects a wireless access point to the only jack in the conference room to provide Internet
access during a meeting. The access point is configured to use WPA2-TKIP. A malicious user is able to
intercept clear text HTTP communication between the meeting attendees and the Internet. Which of the
following is the reason the malicious user is able to intercept and see the clear text communication?
The malicious user has access to the WPA2-TKIP key.
The wireless access point is broadcasting the SSID.
The malicious user is able to capture the wired communication.
The meeting attendees are using unencrypted hard drives.
In this question, the wireless users are using WPA2-TKIP. While TKIP is a weak encryption protocol, it is still an
encryption protocol. Therefore, the wireless communications between the laptops and the wireless access point
The question states that user was able to intercept ‘clear text’ HTTP communication between the meeting
attendees and the Internet. The HTTP communications are unencrypted as they travel over the wired network.
Therefore, the malicious user must have been able to capture the wired communication.
TKIP and AES are two different types of encryption that can be used by a Wi-Fi network. TKIP stands for
“Temporal Key Integrity Protocol.” It was a stopgap encryption protocol introduced with WPA to replace the
very-insecure WEP encryption at the time. TKIP is actually quite similar to WEP encryption. TKIP is no longer
considered secure, and is now deprecated.