What action involves modifying or deleting logs to remove evidence of intrusion?

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

What action involves modifying or deleting logs to remove evidence of intrusion?

Explanation:
Covering tracks means tampering with or deleting logs and other evidence to hide what happened during an intrusion. By altering timestamps, clearing log files, or suppressing log generation, an attacker tries to erase footprints so investigators can’t easily reconstruct the attack timeline, techniques used, or entry point. This is a classic defense-evasion tactic aimed at staying undetected.

Gaining access describes breaking into or authenticating to a system, not removing evidence. Escalating privileges is about obtaining higher rights after initial access, not about hiding traces. Executing applications is simply running software, which may be part of an attack but isn’t the act of concealment itself.

