“Clearing tracks” is a post-exploitation phase in the ethical hacking methodology in which the attacker removes or alters system evidence to hide their activities and avoid detection. This may include:
Deleting or modifying event logs
Clearing bash history or command history
Removing malware traces
Disabling auditing
From CEH v13:
Corrupting or erasing event logs ensures that system administrators or forensic investigators cannot trace the intrusion or determine how the system was compromised.
Incorrect Options:
A. Creating a backdoor is part of the "Maintaining Access" phase, not "Clearing Tracks."
B. Injecting a rootkit is part of the "Gaining or Maintaining Access" stage.
C. Exploiting a vulnerability is part of the "Gaining Access" phase.
Reference – CEH v13 Official Courseware:
Module 05: System Hacking
Section: “Clearing Logs and Erasing Evidence”
Subsection: “Track-Clearing Techniques”
Lab: Log Manipulation and Covering Tracks