Disk Wiping by any other name

Question 1

What was the name of the Windows built-in disk wiping utility?

Answer 1

Cipher

Question 2

How did Cipher work?

Answer 2

By filling a file with enough data to consume all available unallocated space

Question 3

What was the problem with Cipher?

Answer 3

Could take up too much space so the OS would hang up

Question 4

Windows doesn’t delete file data. What does it do when the delete file command is executed?

Answer 4

It marks the physical space that the files occupy as unallocated and available for reuse

Question 5

What are the two problems caused when a disk sanitizer fails to overwrite old MFT entries?

Answer 5

Information can be inferred from these and some data may still remain if small enough

Question 6

Were the majority of disk wiping utilities effective at removing Alternate Data Streams?

Answer 6

No

Question 7

Did the majority of disk wiping utilities effectively remove small datafiles that were present in the MFT?

Answer 7

No

Question 8

Why do the disk wiping utilities frequently miss small files that are stored in the MFT?

Answer 8

The area where these reside is not slack space

Question 9

Do disk wiping utilities typically clean the registry hive?

Answer 9

No

Question 10

What is the other category of utilities that are designed to be used prior to repurposing or recycling disk drives?

Answer 10

Disk sanitizers and disk purgers

Question 11

Of the 7 disk wiping utilities analyzed, how many were shown to be effective?

Answer 11

One

Question 12

What is the term used to describe data that was unaffected by the disk wiping?

Answer 12

HKLM is an example