While conducting a post-exploitation phase on a compromised Windows Server 2019 host, you have obtained a SYSTEM-level command prompt through a privilege-escalation exploit. To reduce forensic evidence, you want to wipe only the Security event log but leave the log file in place so the system keeps recording future events. Which built-in Windows command will achieve this goal with a single line?
The Windows Event Utility (wevtutil) includes the cl (clear-log) function, which erases all records in the specified log while keeping the log itself present so that new events continue to be written. Running "wevtutil cl Security" therefore clears the Security event log in place. The el option simply enumerates logs, logman delete targets performance data collector sets rather than event logs, and launching Event Viewer with an unrecognized "/clear" switch will not clear the log from the command line.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is wevtutil, and what does it do?
Open an interactive chat with Bash
Why does the 'wevtutil cl Security' command not delete the log file permanently?
Open an interactive chat with Bash
When would you use 'wevtutil el' instead of 'wevtutil cl'?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
System Hacking Phases and Attack Techniques
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .