If a question requires the user to wait for an extended period of time due to the nature of the attack, the question should state that. Separately, if the task doesn’t require the user to wait an extended period of time, but due to other technological reasons, it’s likely that things can go wrong, the question should state something along the lines of: “If you have waited for X amount of time without X happening, revert the machine (or some other instructions”.
This is stemming from the WPS course which uses Reaver to brute force. By nature, it takes a long time. However, as the user, I don’t know which PIN you used and therefore don’t know what the “average” time to brute force this specific PIN would be. I imagine you didn’t create a question that requires the user to wait an hour. Maybe you did, IDK. That’s my point though. We should have an idea of how long we should wait before we escalate so we’re not just waiting senselessly.