Information Security Analyst: Performs SOC monitoring, analyzes system activities, carries out vulnerability assessments and resolves incidents.
Information Security Officer: Plans, develops and enforces policies, awareness, training and security documentation.
Information Security Engineer: Designs, develops and deploys security solutions.
Topic: Covering Tracks (Hiding the footprints)
By manipulating the system's auditing logs and Most Recently Used (MRU) items.
^Windows has a utility called “Auditpol.exe” to view and manage the auditing logs. To view the status of each audit log use ( # Auditpol /get /category:* ) and to disable the auditing logs use ( # Auditpol /clear ).
^Event Viewer: Writing scripts and clearing the logs from Event Viewer.
OPTION 1: USING CMD (# for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" )
OPTION 2: USING EVENT VIEWER
1. Press the Win + R keys to open the Run dialog, type eventvwr.msc, and click/tap on OK.
2. Select a log (ex: Application) that you want to clear in the left pane of Event Viewer, and click/tap on Clear Log in the far right Actions pane.
^CCleaner: The best utility for hackers to clean all registries, dump memory and delete Most Recently Used items.
By default the Linux audit framework logs all data in the /var/log/audit directory. Usually this file is named audit.log.
Using: RM History command to clear MRU
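
Each action above leaves its own trace that a SOC analyst can alert on. The following is an added example, not part of the original notes: it flags those traces in normalized log records. The record fields, host names and sample events are constructed assumptions; the event IDs are the standard Windows ones for log clearing (1102, 104) and audit policy change (4719).

```python
import re

# (channel, event ID) pairs Windows writes when logs or audit policy are touched.
TAMPER_EVENTS = {
    ("Security", 1102): "security log cleared",
    ("System", 104): "event log cleared",
    ("Security", 4719): "audit policy changed",
}

# Command-line patterns, limited to the tools named in these notes.
TAMPER_COMMANDS = [
    (re.compile(r"\bwevtutil(\.exe)?\s+(cl|clear-log)\b", re.I), "wevtutil log clear"),
    (re.compile(r"\bauditpol(\.exe)?\s+/clear\b", re.I), "auditpol /clear"),
    (re.compile(r"\brm\b[^|;&]*/var/log/audit/"), "rm on audit log"),
    (re.compile(r"\brm\b[^|;&]*history"), "rm on history file"),
]

def detect(events):
    """Return (host, reason) for every record that indicates log tampering."""
    findings = []
    for ev in events:
        reason = TAMPER_EVENTS.get((ev.get("channel"), ev.get("event_id")))
        if reason:
            findings.append((ev["host"], reason))
        cmd = ev.get("command_line") or ""
        for pattern, label in TAMPER_COMMANDS:
            if pattern.search(cmd):
                findings.append((ev["host"], label))
    return findings

# Constructed sample records (hypothetical normalized schema, not real logs).
SAMPLE_EVENTS = [
    {"host": "ws01", "channel": "Security", "event_id": 4688,
     "command_line": 'wevtutil.exe cl "Application"'},
    {"host": "ws01", "channel": "System", "event_id": 104},
    {"host": "ws01", "channel": "Security", "event_id": 1102},
    {"host": "ws02", "channel": "Security", "event_id": 4688,
     "command_line": "auditpol /get /category:*"},  # read-only, not flagged
    {"host": "ws02", "channel": "Security", "event_id": 4688,
     "command_line": "Auditpol /clear"},
    {"host": "ws02", "channel": "Security", "event_id": 4719},
    {"host": "lx01", "channel": "auditd", "command_line": "rm -f /var/log/audit/audit.log"},
    {"host": "lx01", "channel": "auditd", "command_line": "rm ~/.bash_history"},
    {"host": "ws03", "channel": "Security", "event_id": 4624},  # normal logon
]

if __name__ == "__main__":
    for host, reason in detect(SAMPLE_EVENTS):
        print(f"ALERT {host}: {reason}")
```

These records only help if they are forwarded off the host as they are written, so that a local clear does not remove the evidence of the clear itself.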