Lesson 9 - Chapter 5: Data Destruction and Disposal

Question 1

If you want to ensure that nobody can recover data from a storage device, what’s the best way to accomplish that?

(magnetic, optical, flash drive)

Answer 1

physical destruction

Question 2

What are the 4 ways you can physically destroy a device?

Answer 2

1. Drilling
2. Shredding
3. Degaussing
4. Incinerating

Question 3

How do you use drilling to physically destroy data on a device?

Answer 3

using a power drill to drill multiple holes through drives, mobo, expansion cards, memory boards, etc (EXCEPT the power supply, dangerous, no data there anyway)

Question 4

How do you use shredding to physically destroy data on a device?

Answer 4

heavy duty office paper shredders can shred optical media (discs), certified data destruction firms have shredders that can handle drives, magnetic tape, etc

Question 5

How do you use degaussing to physically destroy data on a device? Does it keep it intact?

Answer 5

degaussing tools remove/reduce the magnetization used to store data on hard disks, magnetic tape, etc.

Keeps it intact but no longer has readable magnetic data

Question 6

How do you use incineration to physically destroy data on a device?

Answer 6

Burning is a good alternative to shredding for paper, magnetic tape, and optical media

(medium to large volumes of disposable matter should be done by a 3rd party disposal facility)

Question 7

What’s an alternative to destroying data storage devices?

Answer 7

recycling or repurposing

Question 8

Does simply deleting data from a storage device remove data?

Answer 8

No, it doesn’t actually remove the data (which is why undelete functions work)

Question 9

What are the 2 primary ways to use software to completely wipe data from a device?

Answer 9

1. Data destruction software
2. Zero-fill

Question 10

What is data destruction software? What is it also called?

Answer 10

Also called drive wiping software

it writes over all data with strings of gibberish (junk data) several times

Question 11

What is low-level formatting?

Answer 11

it sets up a manufactured disk to be used by setting up the sectors and tracks of the disks (you can’t re-do this on modern disks but the closest is zero-fill)

Question 12

What is zero-fill?

Answer 12

recreates the original contents of the sectors by overwriting all of the bits on the disk with 0’s

(achieves the same security result as low-level formatting)

Question 13

What’s the difference between low-level and standard formatting?

Answer 13

low-level = overwrites the data and sector markings on the media

standard = leaves data in place but inaccessible through the file system (3rd party apps and data recovery services can still access it)

Question 14

What does FACTA stand for?

Answer 14

Fair and Accurate Credit Transactions Act (FACTA)

Question 15

When businesses choose an outside vendor to destroy data, what do they have to make sure?

Answer 15

if the company falls under the FACTA regulations, they need to make sure the service they hire adheres to the FACTA regulations regarding the disposal of consumers’ private information

Question 16

What is a certificate of destruction?

Answer 16

Proof that the organization (that disposed of/recycled devices) is following the applicable requirements or laws