A company is preparing to decommission an offline, non-networked root certificate server. Before
sending the server’s drives to be destroyed by a contracted company, the Chief Security Officer
(CSO) wants to be certain that the data will not be accessed. Which of the following, if
implemented, would BEST reassure the CSO? (Select TWO).
A.
Disk hashing procedures
B.
Full disk encryption
C.
Data retention policies
D.
Disk wiping procedures
E.
Removable media encryption
So…Do you encrypt the drive and then wipe it…or wipe it and then encrypt it…lol. Just open the drive and drop it in a solvent…should take the metal oxides off the platters.
Seriously, the the options should be over-writing and then wiping, as encryption may make the wipe less effective, and if you encrypt a wiped drive, it may find some file info the wipe did not process properly, and preserve that info. Overwriting seems the only way to confuse the file system enough for a wipe to work. Also, hashing will give you an option to see if you data might have been retrieved.
F. Woodchipper / Shredder (That’s what we do in the real world.)
How do I copyright articles and newsletters that I am wanting to publish?
http://google.com