nerdexam
EC-Council

312-50V13 · Question #222

You are a penetration tester tasked with testing the wireless network of your client Brakeme SA. You are attempting to break into the wireless network with the SSID "Brakeme-lnternal." You realize tha

The correct answer is A. Dragonblood. WPA3 Wireless Vulnerability Explanation Dragonblood (A) is the correct answer because it is a set of vulnerabilities specifically discovered in WPA3's Dragonfly handshake (SAE - Simultaneous Authentication of Equals), allowing attackers to perform side-channel attacks, denial-of-

Submitted by hassan_iq· Mar 6, 2026Hacking Wireless Networks

Question

You are a penetration tester tasked with testing the wireless network of your client Brakeme SA. You are attempting to break into the wireless network with the SSID "Brakeme-lnternal." You realize that this network uses WPA3 encryption, which of the following vulnerabilities is the promising to exploit?

Options

  • ADragonblood
  • BCross-site request forgery
  • CKey reinstallation attack
  • DAP Myconfiguration

How the community answered

(18 responses)
  • A
    89% (16)
  • B
    6% (1)
  • D
    6% (1)

Explanation

WPA3 Wireless Vulnerability Explanation

Dragonblood (A) is the correct answer because it is a set of vulnerabilities specifically discovered in WPA3's Dragonfly handshake (SAE - Simultaneous Authentication of Equals), allowing attackers to perform side-channel attacks, denial-of-service, and downgrade attacks against WPA3-protected networks - making it the most promising exploit in this scenario.

Why the distractors are wrong:

  • Cross-site request forgery (B) is a web application attack targeting authenticated browser sessions - it has no relevance to wireless encryption protocols
  • Key reinstallation attack (C), known as KRACK, targets WPA2's four-way handshake, not WPA3, which was specifically designed to address KRACK's weaknesses
  • AP Misconfiguration (D) is a general administrative issue, not a specific, targeted vulnerability against WPA3 encryption itself

Memory Tip: Think "Dragon" for WPA3 - WPA3 uses the Dragonfly handshake, and Dragonblood is the exploit that "bleeds" the dragon. Just as KRACK ≠ WPA3, remember: new protocol (WPA3) = new named vulnerability (Dragonblood).

Topics

#Wireless Security#WPA3#Dragonblood#Vulnerabilities

Community Discussion

No community discussion yet for this question.

Full 312-50V13 Practice