SY0-301 · Question #409
Which of the following protocols is vulnerable to man-in-the-middle attacks by NOT using end to end TLS encryption?
The correct answer is C. WPA. WPA (Wi-Fi Protected Access) uses TKIP (Temporal Key Integrity Protocol) for wireless encryption, which operates at Layer 2 (the data link layer) and does not provide end-to-end TLS encryption. Because it lacks end-to-end TLS, an attacker who can position themselves between a cli
Question
Which of the following protocols is vulnerable to man-in-the-middle attacks by NOT using end to end TLS encryption?
Options
- AHTTPS
- BWEP
- CWPA
- DWPA 2
How the community answered
(47 responses)- A13% (6)
- B4% (2)
- C77% (36)
- D6% (3)
Explanation
WPA (Wi-Fi Protected Access) uses TKIP (Temporal Key Integrity Protocol) for wireless encryption, which operates at Layer 2 (the data link layer) and does not provide end-to-end TLS encryption. Because it lacks end-to-end TLS, an attacker who can position themselves between a client and a wireless access point can potentially intercept and manipulate traffic - a classic MITM scenario. HTTPS (choice A) wraps traffic in TLS, providing end-to-end encryption that resists MITM. WEP (choice B) is insecure but the question focuses on TLS specifically. WPA2 (choice D) supports stronger encryption and, in Enterprise mode with 802.1X/EAP-TLS, can provide end-to-end TLS. WPA's reliance on TKIP without TLS makes it the most vulnerable choice in this context.
Topics
Community Discussion
No community discussion yet for this question.