Sanitization methods address the data remanence problem to different levels of effectiveness. Which of the following is the best method that makes the data recovery and media reuse infeasible using state of the art laboratory techniques per NIST SP 800-88 R1?
D. Physical destruction
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is B. Destroy.
NIST SP 800-88 R1 introduces three sanitization methods: clear, purge, and destroy. “Destroy” is a sanitization method that makes the data recovery and media reuse infeasible using state of the art laboratory techniques.
Physical destruction “can” destroy the media but “may not” completely destroy it so that the data can not be recovered. Shredding is a good example of physical destruction, but “some” data could be restored.
Sutapa Sarkar has a very good explanation as follows:
A BLUEPRINT FOR YOUR SUCCESS IN CISSP
My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and an informative reference for security professionals.
- It is available on Amazon.
- Readers from countries or regions not supported by Amazon can get your copy from the author’s web site.
消毒方法(sanitization methods)可將資料殘留(data remanence)解決到不同的有效性水平。 根據NIST SP 800-88 R1，下列哪項是是使用最新的實驗室技術也無法恢復資料和重覆使用儲存媒體的最佳方法？
A. 清除 (purge)
B. 銷毀 (destroy)
C. 消磁 (degaussing)
D. 物理破壞 (physical destruction)