Cyber Security

Career Paths:

Information Security Analysts: Perform SOC monitoring, analyze system activities, carry out vulnerability assessments and resolve incidents.

Information Security Officer: Plan, develop and enforce policies, awareness, trainings and security documentation.

Information Security Engineer: Design, develop and deploy security solutions.

 

 

———————–NOTES————————-


Topic: Covering Tracks (Hiding the footprints)

By manipulating the system's auditing logs and Most Recently Used (MRU) items.

#Windows:-

^Windows has a utility called “Auditpol.exe” to view and manage the auditing logs. To view the status of each audit log use ( # auditpol /get /category:* ) and to disable the auditing logs use ( # auditpol /clear )

^ClearLogs.exe:

^Event Viewer: Writing scripts and clearing the logs from Event Viewer.

OPTION 1: USING CMD  (# for /F "tokens=*" %1 in ('wevtutil.exe el') DO wevtutil.exe cl "%1" )

OPTION 2: USING EVENT VIEWER
1. Press the Win + R keys to open the Run dialog, type eventvwr.msc, and click/tap on OK.
2. Select a log (ex: Application) that you want to clear in the left pane of Event Viewer, and click/tap on Clear Log in the far right Actions pane.

^CCleaner: Is the best utility for hackers to clean all registries, dump memory and delete Most Recently Used items.
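Added example (not part of the original notes): how the Windows techniques above show up on the defender's side. Windows itself records Event ID 1102 (Security log cleared), 104 (a log cleared, System channel) and 4719 (audit policy changed), and 4688 process-creation events carry the command line when that auditing is enabled. The record layout, host name and sample events below are constructed for illustration.

```python
import re

# (channel, event ID) pairs Windows writes when a log is cleared or audit policy changes.
TAMPER_EVENTS = {
    ("Security", 1102): "Security audit log was cleared",
    ("System", 104): "an event log was cleared",
    ("Security", 4719): "system audit policy was changed",
}

# Command lines from these notes, matched inside 4688 (process creation) events.
TAMPER_CMDLINES = [
    (re.compile(r'\bwevtutil(?:\.exe)?"?\s+(?:cl|clear-log)\b', re.I), "wevtutil clear-log"),
    (re.compile(r'\bauditpol(?:\.exe)?\b.*\s/clear\b', re.I), "auditpol /clear"),
]

def detect_log_tampering(events):
    """Return (time, host, reason) for every event that indicates log tampering."""
    findings = []
    for ev in events:
        key = (ev.get("Channel"), ev.get("EventID"))
        if key in TAMPER_EVENTS:
            findings.append((ev["TimeCreated"], ev["Computer"], TAMPER_EVENTS[key]))
        elif key == ("Security", 4688):
            cmd = ev.get("CommandLine", "")
            for pattern, label in TAMPER_CMDLINES:
                if pattern.search(cmd):
                    findings.append((ev["TimeCreated"], ev["Computer"], "ran " + label))
    return findings

def _ev(minute, channel, event_id, cmd=""):
    # Helper that builds one constructed sample record (hypothetical host WS01).
    return {"TimeCreated": f"2024-01-01T10:{minute:02d}:00Z", "Computer": "WS01",
            "Channel": channel, "EventID": event_id, "CommandLine": cmd}

# Constructed sample events, not real logs.
SAMPLE_EVENTS = [
    _ev(0, "Security", 4688, "auditpol /get /category:*"),   # viewing only: no alert
    _ev(1, "Security", 4688, "auditpol /clear"),
    _ev(2, "Security", 4719),
    _ev(3, "Security", 4688, "wevtutil.exe el"),             # listing logs: no alert
    _ev(4, "Security", 4688, 'wevtutil.exe cl "Application"'),
    _ev(5, "System", 104),
    _ev(6, "Security", 1102),
]

if __name__ == "__main__":
    for finding in detect_log_tampering(SAMPLE_EVENTS):
        print(*finding, sep="  ")
```

This only works on events that have already been forwarded off the host: once the Security log is cleared locally, the earlier 4688 records are gone and 1102 is the first entry left.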

#linux

By default the Linux audit framework logs all data in the /var/log/audit directory. Usually this file is named audit.log.

Using: rm / history commands to clear MRU

 

 
