During a penetration testing engagement, you have established persistent access on a target system. Which of the following methods is the BEST to mask your continued presence from the system administrators?
Hosting all backdoor connections on non-standard ports to avoid attention
Installing a rootkit to conceal the presence of your tools and activities
Cleaning all log files daily to remove any trace of unauthorized access
Frequently changing file and directory permissions to maintain access
Disabling all logging services on the target system
Renaming all penetration testing tools with system default process names