CompTIA
PT0-002 · Question #88
PT0-002 Question #88: Real Exam Question with Answer & Explanation
The correct answer is C: Covering tracks by clearing the Bash history. https://null-byte.wonderhowto.com/how-to/clear-logs-bash-history-hacked-linux-systems-cover-your-tracks-remain-undetected-0244768/
Post-exploitation and lateral movement
Question
A penetration tester gains access to a system and establishes persistence, and then runs the following commands:
Which of the following actions is the tester MOST likely performing?
Options
- A. Redirecting Bash history to /dev/null
- B. Making a copy of the user's Bash history for further enumeration
- C. Covering tracks by clearing the Bash history
- D. Making decoy files on the system to confuse incident responders
Explanation
https://null-byte.wonderhowto.com/how-to/clear-logs-bash-history-hacked-linux-systems-cover-your-tracks-remain-undetected-0244768/
Topics
#Post-exploitation #Covering tracks #Bash history #Operational security