Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CEH v11 > Covering Your Tracks > Flashcards

Covering Your Tracks Flashcards

1
Q

Covering Tracks Methods

A

Disable auditing
Turn off hibernation file
Clear logs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Disabling Auditing

A

(Ubuntu/Debian) export HISTSIZE=0
(Fedora/RHEL) systemctl auditd disable
(Windows) auditpol /set /category “System”,”Account logon” /success:disable /failure:disable
(Windows) fsutil behavior set disableastaccess 1

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Clearing Logs

A

(Windows PowerShell) clear-eventlog “WIndows PowerShell”
(Windows PowerShell) wevtutil -cl Security
cipher.exe
(Linux) echo “ “ > /var/log/auth.log
(Linux) shred file1.txt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Defenses

A
  • syslog
  • SIEM
  • Windows event viewer subscriptions
How well did you know this?
1
Not at all
2
3
4
5
Perfectly

CEH v11 (55 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions