
If there is an intruder in a LAN who knows the encryption type and password, will he be able to monitor all the packets which are in the LAN? Suppose someone on the LAN is visiting HTTP sites, which supposedly have no encryption.

  1. Will the intruder be able to snoop on the data easily?
  2. Which software does the intruder use?

Infra

2 Answers

All traffic between any given pair of devices (access point and client, or two clients in an ad-hoc network) will use the same key (with different IVs) for all messages. It might sometimes be necessary to re-key (due to running into a limit such as the space of IV values), but if you knew the current key you'd generally be able to follow along with the re-keying.

However, other security properties depend on the protocol. WEP (long deprecated) with pre-shared keys (PSKs) used the same key for all traffic on the network (regardless of who it was between); this meant that any attacker on the network could monitor and forge traffic from any other. WPA fixes that; the PSK is only used to authorize your access to the network and secure the key exchange. The actual key is pairwise between the client and the AP, and not shared with anybody else.

With that said, there are things an attacker can do if they know the password/PSK. If they get there before the victim, they can potentially interfere with the key exchange in order to know the victim's connection key, allowing intercepting and forging messages between victim and AP. If the attacker joins the network (or even doesn't, and just monitors it) after the would-be victims are already connected, the attacker won't ever learn their current keys but can potentially disrupt the communication between client and AP, causing the client to reconnect and re-negotiate the key, creating an opportunity for the malicious station to gain access to the victim's connection key.


Of course, if the attacker knows the network PSK, they can usually just join the network normally. This is more detectable, but it also makes lots of attacks very easy. For example, most LANs are vulnerable to ARP spoofing, which means you can have a MitM position on any network traffic you want. You don't need to be able to intercept the traffic between the AP and the clients, just use ARP to convince all the clients to send their packets to you anyhow, and then you can do whatever you like with them before sending them onward. Obviously this doesn't break TLS or other end-to-end encrypted traffic, but it'll let you intercept everything in plain text and give you a position to monitor or attack the rest.

Of course, doing that does mean you show up on the AP's list of connected stations. ARP spoofing (or DNS spoofing, or most other attacks you might pull off like this) are all detectable, too, if anybody looks for them.

CBHacking
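The answer above notes that ARP spoofing, the usual way a station that has joined the network gets a man-in-the-middle position, is detectable if anybody looks. The following is an added example, not code from the original page or from the answer's author: an arpwatch-style detector that parses raw Ethernet/ARP frames and flags the two classic signs of poisoning, an IP address whose MAC binding changes against a trusted baseline, and a single MAC answering for several IP addresses. All frames, MAC addresses and IP addresses are constructed in memory for the example; nothing is sent or captured.

```python
import socket
import struct
from collections import defaultdict

# Added example, not from the original page: an arpwatch-style detector for the
# ARP spoofing described in the answer. Frames are constructed in memory; nothing is sent.

ETH_P_ARP = b"\x08\x06"


def mac_str(mac: bytes) -> str:
    return ":".join(f"{b:02x}" for b in mac)


def build_arp_reply(sender_mac: bytes, sender_ip: str, target_mac: bytes, target_ip: str) -> bytes:
    """Ethernet II + ARP reply (opcode 2) claiming 'sender_ip is at sender_mac'."""
    eth = target_mac + sender_mac + ETH_P_ARP
    arp = struct.pack(">HHBBH", 1, 0x0800, 6, 4, 2)  # Ethernet, IPv4, hlen 6, plen 4, reply
    arp += sender_mac + socket.inet_aton(sender_ip) + target_mac + socket.inet_aton(target_ip)
    return eth + arp


def parse_arp(frame: bytes):
    """Return (opcode, sender_mac, sender_ip, target_mac, target_ip), or None if not IPv4-over-Ethernet ARP."""
    if len(frame) < 42 or frame[12:14] != ETH_P_ARP:
        return None
    htype, ptype, hlen, plen, op = struct.unpack(">HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return (op, frame[22:28], socket.inet_ntoa(frame[28:32]),
            frame[32:38], socket.inet_ntoa(frame[38:42]))


class ArpWatch:
    """Track IP -> MAC bindings seen in ARP replies. A trusted baseline (e.g. the gateway) is
    never overwritten, so a poisoned binding keeps alerting for as long as the attack runs."""

    def __init__(self, baseline=None):
        self.ip_to_mac = dict(baseline or {})
        self.mac_to_ips = defaultdict(set)
        for ip, mac in self.ip_to_mac.items():
            self.mac_to_ips[mac].add(ip)
        self.alerts = []

    def observe(self, frame: bytes) -> list:
        parsed = parse_arp(frame)
        if parsed is None or parsed[0] != 2:          # only ARP replies carry claims we care about
            return []
        _, sender_mac, sender_ip, _, _ = parsed
        new_alerts = []
        known = self.ip_to_mac.get(sender_ip)
        if known is None:
            self.ip_to_mac[sender_ip] = sender_mac     # first sighting: learn it
        elif known != sender_mac:
            new_alerts.append(("binding-changed", sender_ip, mac_str(known), mac_str(sender_mac)))
        before = len(self.mac_to_ips[sender_mac])
        self.mac_to_ips[sender_mac].add(sender_ip)
        if len(self.mac_to_ips[sender_mac]) > max(before, 1):   # fires when a MAC starts claiming a 2nd, 3rd... IP
            new_alerts.append(("one-mac-many-ips", mac_str(sender_mac), sorted(self.mac_to_ips[sender_mac])))
        self.alerts.extend(new_alerts)
        return new_alerts


# Constructed sample network (not a real capture): gateway .1, victim .10, attacker .66.
GATEWAY_MAC = bytes.fromhex("0a0000000001")
VICTIM_MAC = bytes.fromhex("0a0000000010")
ATTACKER_MAC = bytes.fromhex("0a0000000066")


def sample_frames():
    """Two legitimate replies, then the two poisoning replies of an ARP man-in-the-middle."""
    return [
        build_arp_reply(GATEWAY_MAC, "192.168.1.1", VICTIM_MAC, "192.168.1.10"),    # normal
        build_arp_reply(VICTIM_MAC, "192.168.1.10", GATEWAY_MAC, "192.168.1.1"),    # normal
        build_arp_reply(ATTACKER_MAC, "192.168.1.1", VICTIM_MAC, "192.168.1.10"),   # "the gateway is at the attacker"
        build_arp_reply(ATTACKER_MAC, "192.168.1.10", GATEWAY_MAC, "192.168.1.1"),  # "the victim is at the attacker"
    ]


def run_detector(frames=None):
    watch = ArpWatch(baseline={"192.168.1.1": GATEWAY_MAC})
    for frame in frames or sample_frames():
        watch.observe(frame)
    return watch.alerts


if __name__ == "__main__":
    for alert in run_detector():
        print(alert)
```

On a real host the same `observe()` logic would be fed from a raw socket or a pcap; the baseline for the gateway is what turns the first poisoning reply into an alert instead of a silently learned binding.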

According to Kerckhoffs's principle, secrecy depends on the key, not on the encryption algorithm. Therefore, knowing the encryption algorithm does not help to decrypt traffic. But the implementation is critical. WEP is very weak; it is possible to break it in less than a minute because of its poor implementation.

If your link is properly encrypted with a secure algorithm such as WPA2+CCMP, it will be very difficult to read captured traffic.

AES is used by CCMP, and it will be a secure environment. If your connection is encrypted, it is not possible to read the traffic that goes to HTTP sites, because in a secure connection your entire data packet, including the header, is encrypted.

If they know the password, yes, they can sniff and read content, but it needs to be done before login.

Always keep in mind that no system is 100% secure. Be sure of what you are doing.

Infra
  • OP is asking if they know the type _and_ password. And the answer is yes. Only WPA3 can protect against that by separating authentication and confidentiality. – forest Mar 09 '21 at 04:01
  • @forest thanks. I added that point; I had missed answering his direct question. – Infra Mar 09 '21 at 04:04
  • You may want to specify that they will only be able to decrypt it if they have captured the 4-way handshake (assuming the PMKID attack is mitigated). An attacker who starts logging only _after_ the handshake will not be able to decrypt that session even with the password. – forest Mar 09 '21 at 05:39