There are many ways to disrupt the logging of CloudTrail trails to try and stay under the radar during our attack, but they all will likely trigger alerts that will expose our activity to someone paying attention. It is still important to know about these methods though, because not every account we attack will have even the most basic monitoring capabilities (such as GuardDuty), so it would make sense to disable any CloudTrail logging in that case. There are partial solutions to this problem though; those solutions and their limitations will be discussed at the end of this section.