Advice from expert CISSP

huddahudda Member Posts: 101
hi there,
Advice from expert CISSP confused with this Q

7. Which of the following choices is the most reliable method of destroying data on a solid state drive?
A. Erasing
B. Degaussing
C. Deleting
D. Purging

Ans - D. Purging.

Tanks....
Hudda

Comments

  • logikillogikil Member Posts: 26 ■□□□□□□□□□
    So are you trying to identify why D is the answer? Its all down to wording and the options presented. If destruction were there I would go with destruction, but based on what is and the definitions of the different processes, purging would be best because it is defined as:

    Making information unrecoverable even with extraordinary effort such as a physical forensics lab.

    Because that definition doesn't necessarily provide a specific mechanism it would be whatever means fits that bill. Degaussing doesn't help with SSD, deleting doesn't really get rid of the data just to pointers to it, and erasing may be a single 0 pass over the data, but potentially offers the ability to recover. So for this question should be D.
  • LonerVampLonerVamp OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK Member Posts: 518 ■■■■■■■■□□
    Good question, since so many CISSP questions rely on the details of every single word. In this case, solid state drives are not affected by degaussing, so that one gets thrown out, leaving purging. (Degaussing is a form of purging.)

    Security Engineer/Analyst/Geek, Red & Blue Teams
    OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
    2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs?
  • PJ_SneakersPJ_Sneakers CompTIA, EC-Council, ISACA, Microsoft USAMember Posts: 884 ■■■■■■□□□□
    A) Erasing - Not sure this is even a "real" term. Could be like deleting? See answer C.
    B) Degaussing - Doesn't really apply to SSD.
    C) Deleting - Doesn't destroy data.
    D) Purging - The only term that isn't ruled out above, that does in fact refer to the destruction of data. Also used as a term by NIST in reference to data sanitization.
  • kabooterkabooter Member Posts: 115
    I thought B is the answer but just read that degaussing does not apply to SSDs.
    So with that knowledge, I would say erase means delete which both mean data can be recovered. B does not apply so purge has more of a punch than A and C
  • dhay13dhay13 Member Posts: 580 ■■■□□□□□□□
    As said above, purge, since destruction isn't an option.
  • huddahudda Member Posts: 101
    You guys are the best of the best !
    kabooter you are correct I read also degaussing does not apply to SSDs.

    Thanks
    Hudda
Sign In or Register to comment.