PT0-003 Question #311: Real Exam Question with Answer & Explanation

Sign in or unlock PT0-003 to reveal the answer and full explanation for question #311. The question stem and answer options stay visible for context.

Submitted by andreas_gr· Mar 6, 2026Post-exploitation and Lateral Movement

Question

A tester compromises a shared host that is manually audited every week due to the absence of a SIEM. Which of the following is the best way to reduce the chances of being detected? Modify files located in the directory.

Options

A/var/log
BUse the clear command to remove recent terminal activity.
CPerform commands under one of the developer accounts.
DDisable all logging services on the host.

Unlock PT0-003 to see the answer

You've previewed enough free PT0-003 questions. Unlock PT0-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock PT0-003 - $49.99 / 30 days Sign in

Topics

#evasion#log tampering#anti-forensics#post-exploitation

Full PT0-003 Practice Browse All PT0-003 Questions