Learn the most secure method to dispose of removable media with sensitive information according to ISACA CRISC certification standards. Proper disposal is critical to preventing data breaches.
Table of Contents
Question
An organization is disposing of removable onsite media which contains sensitive information. Which of the following is the MOST effective method to prevent disclosure of sensitive data?
A. Wiping and rewriting three times
B. Software formatting
C. Encrypting and destroying keys
D. Machine shredding
Answer
The most effective method to prevent disclosure of sensitive data when disposing of removable onsite media is:
D. Machine shredding
Explanation
When an organization needs to dispose of removable media like hard drives, USB drives, CDs/DVDs, or backup tapes that contain sensitive information, physically destroying the media through machine shredding is the most secure approach. Machine shredding involves using specialized equipment to cut, crush, and tear the media into tiny fragments, making the data completely unrecoverable.
The other options are less effective:
A. Wiping and rewriting the media multiple times can overwrite the data, but there is still a slight risk that advanced forensic techniques could recover trace remnants of the overwritten data.
B. Software formatting simply marks the data as deleted but does not actually erase it, so the data could still be recovered with data recovery tools.
C. Encrypting the data and destroying the decryption keys is better than A and B, as it renders the data unreadable without the keys. However, if the encryption implementation has any flaws, there is a remote possibility the data could still be decrypted and accessed.
In contrast, machine shredding makes the media and its data physically impossible to recover, as the media is reduced to tiny shards. This is the most foolproof method to guarantee the complete destruction of the sensitive data and thus the most effective at preventing disclosure. For the highest security, the shredded waste should then be either incinerated or divided among different waste containers for disposal.
ISACA CRISC certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the ISACA CRISC exam and earn ISACA CRISC certification.