diff --git a/atomics/Indexes/index.yaml b/atomics/Indexes/index.yaml
index 0350131a..d3975270 100644
--- a/atomics/Indexes/index.yaml
+++ b/atomics/Indexes/index.yaml
@@ -27419,15 +27419,13 @@ defense-evasion:
 command: |
 openssl genrsa -out #{key_filename} 4096
 openssl req -x509 -new -nodes -key #{key_filename} -sha256 -days 365 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" -out #{cert_filename}
-
- if [ $(rpm -q --queryformat '%{VERSION}' centos-release) -le "5" ];
- then
- cat rootCA.crt >> /etc/pki/tls/certs/ca-bundle.crt
- else if [ $(rpm -q --queryformat '%{VERSION}' centos-release) -ge "7" ];
- cp rootCA.crt /etc/pki/ca-trust/source/anchors/
- update-ca-trust
- fi
+ cp #{cert_filename} /etc/pki/ca-trust/source/anchors/
+ update-ca-trust
+ cleanup_command: |
+ rm /etc/pki/ca-trust/source/anchors/#{cert_filename}
+ update-ca-trust
 name: sh
+ elevation_required: true
 - name: Install root CA on Debian/Ubuntu
 auto_generated_guid: 53bcf8a0-1549-4b85-b919-010c56d724ff
 description: 'Creates a root CA with openssl
diff --git a/atomics/T1553.004/T1553.004.md b/atomics/T1553.004/T1553.004.md
index c1386bca..64f49f4b 100644
--- a/atomics/T1553.004/T1553.004.md
+++ b/atomics/T1553.004/T1553.004.md
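Review bot: The new `cleanup_command` in the index.yaml hunk removes `/etc/pki/ca-trust/source/anchors/#{cert_filename}`, which only matches what `cp` installed when `cert_filename` is a bare file name. If it is supplied with a directory component (the sibling `key_filename` argument is typed Path in the T1553.004.md hunk), `cp` places the file under its basename and the `rm` misses it, leaving the test root CA trusted on the host after cleanup. Using `rm -f "/etc/pki/ca-trust/source/anchors/$(basename "#{cert_filename}")"` would close that gap. Cleanup also leaves the generated private key and certificate in the working directory, so `rm -f "#{key_filename}" "#{cert_filename}"` is worth adding to it. The same commands are mirrored in the T1553.004.md hunk, and the test entry starts above this hunk, so its input argument definitions are not visible here.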
@@ -44,22 +44,21 @@ Creates a root CA with openssl
 | key_filename | Key we create that is used to create the CA certificate | Path | rootCA.key|
-#### Attack Commands: Run with `sh`!
+#### Attack Commands: Run with `sh`! Elevation Required (e.g. root or admin)
 ```sh
 openssl genrsa -out #{key_filename} 4096
 openssl req -x509 -new -nodes -key #{key_filename} -sha256 -days 365 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" -out #{cert_filename}
-
-if [ $(rpm -q --queryformat '%{VERSION}' centos-release) -le "5" ];
-then
- cat rootCA.crt >> /etc/pki/tls/certs/ca-bundle.crt
-else if [ $(rpm -q --queryformat '%{VERSION}' centos-release) -ge "7" ];
- cp rootCA.crt /etc/pki/ca-trust/source/anchors/
- update-ca-trust
-fi
+cp #{cert_filename} /etc/pki/ca-trust/source/anchors/
+update-ca-trust
 ```
+#### Cleanup Commands:
+```sh
+rm /etc/pki/ca-trust/source/anchors/#{cert_filename}
+update-ca-trust
+```