In AP Cybersecurity, a WAP (wireless access point) is the network device that lets wireless devices like laptops and phones connect to a wired network infrastructure, broadcasting an SSID that identifies the network you join.
A WAP stands for wireless access point. It's the device that bridges your wireless gadgets (laptops, phones, tablets) to a wired network. When you connect to Wi-Fi at a coffee shop, school, or office, you're connecting through a WAP.
Each WAP broadcasts a service set identifier (SSID), which is the network name you see in your Wi-Fi list. That's the key detail for AP Cybersecurity. Because anyone can set up their own WAP and name it whatever they want, an adversary can stand up a fake access point with an SSID identical or similar to a real one. That setup is the heart of an evil twin attack (EK 1.3.B.1). The WAP itself is just hardware. Whether it's safe depends on who controls it.
WAP lives in Unit 1: Introduction to Security, specifically topic 1.3 Best Practices for Public Networks. It underpins learning objective AP Cybersecurity 1.3.B (identify types of wireless cyberattacks), since the evil twin attack in EK 1.3.B.1 works by setting up a rogue WAP. It also connects to AP Cybersecurity 1.3.C, because verifying the SSID before you join is your defense against connecting to a malicious access point. Knowing what a WAP does is the foundation for understanding why public Wi-Fi can be risky and why encryption matters when you join it.
Keep studying AP Cybersecurity Unit 1
Visual cheatsheet
view galleryEvil Twin Attack (Unit 1)
An evil twin is just a malicious WAP wearing a real network's name. The adversary sets up their own access point with a copied SSID, hoping you connect to it instead of the legitimate one so they can capture your traffic.
SSID (Unit 1)
The SSID is the name a WAP broadcasts. Since WAPs and SSIDs go hand in hand, EK 1.3.C.1 tells you to verify the exact name before joining, because the name is the only thing distinguishing a real WAP from a fake one.
VPN (Unit 1)
If you can't trust the WAP you're connecting through, a VPN encrypts all your traffic to the VPN operator anyway. Even if you accidentally join an evil twin, the adversary running that WAP can't read your encrypted traffic.
Jamming Attack (Unit 1)
Jamming attacks the wireless signal itself rather than the WAP's identity. An adversary floods the area with a strong signal in the same frequency to knock the WAP's connection out, a denial-of-service approach instead of an impersonation one.
Expect WAP to show up as a vocabulary-recognition item. A typical MCQ stem describes a device that lets laptops and smartphones connect wirelessly to a company's wired network and asks which term fits. The answer is wireless access point. You may also see WAP woven into evil twin scenarios, where you identify that an attacker set up a rogue access point with a matching SSID. Be ready to pair WAP with SSID and to explain how verifying the network name (EK 1.3.C.1) protects you.
A WAP is the physical device that creates a wireless network. An SSID is just the name that WAP broadcasts. One is hardware you connect through, the other is the label you see in your Wi-Fi list. An adversary can copy an SSID easily, which is exactly how a fake WAP fools you in an evil twin attack.
A WAP (wireless access point) is the device that connects wireless gadgets to a wired network.
Every WAP broadcasts an SSID, the network name you see and choose to join.
An evil twin attack works by setting up a malicious WAP with an SSID copied from a legitimate network.
Verifying that the network name exactly matches the one you intend to join (EK 1.3.C.1) is your defense against connecting to a rogue WAP.
A VPN protects your data even on an untrusted WAP because your traffic stays encrypted to the VPN operator.
WAP stands for wireless access point, the device that lets wireless devices like laptops and phones connect to a wired network infrastructure. It broadcasts the SSID you see when you pick a Wi-Fi network.
No. The WAP is the physical device that creates the network, while the SSID is the name that WAP broadcasts. You connect through a WAP, but you recognize it by its SSID.
A WAP is just the hardware. An evil twin is a malicious WAP that an adversary sets up with an SSID identical or similar to a real network, so victims unknowingly connect to it and the attacker can capture their traffic (EK 1.3.B.1).
Yes, if it's a rogue access point like an evil twin. But the attacker still can't read traffic protected by an encrypted protocol like HTTPS or routed through a VPN, which is why those protections matter on public Wi-Fi.
Verify that the network name exactly matches the one you intend to join (EK 1.3.C.1), consider whether the network is encrypted before sending sensitive data, and use a VPN to encrypt all your traffic to the VPN operator.
Connect this key term to the AP exam workflow: review the course, practice questions, and check related study tools.