Crucial Exams

Certified Ethical Hacker (CEH) Practice Question

During a red-team engagement, you recover an unattended corporate smartphone running Android 12. The screen is locked and the bootloader is still locked, but USB debugging was left enabled and the device has previously trusted your laptop's ADB RSA key. With only minutes of physical access, which built-in attack vector lets you deploy a backdoored application and obtain a reverse shell without further user interaction?

  • Send a crafted WAP-Push Service Indication (SI) SMS that forces the device to download and install your application.

  • Reboot the phone into fastboot mode and flash a modified system image containing your payload.

  • Transfer the APK via NFC Android Beam and rely on automatic installation when the devices touch.

  • Use the trusted ADB session to run adb install and silently sideload the malicious APK.

Certified Ethical Hacker (CEH)
Mobile Platform, IoT, and OT Hacking
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot