Data Destruction and Disposal – CompTIA A+ 220-902 – 3.6

| February 19, 2016

You’ve erased the data, but is it really gone? In this video, you’ll learn best practices for physical drive destruction, the use of destruction certificates, some formatting techniques, and how to securely erase individual files.

<< Previous: Securing Mobile DevicesNext: Securing a SOHO Network >>



Which of these is true regarding data recovery in Windows 8.1?
All information is backed up in the system cache
All data files are encrypted on disk by default
Data cannot be recovered from a quick format
All system files are backed up to the cloud by default
Data cannot be recovered after a full format

Correct!

Wrong!

George is a system administrator for a large medical insurance company. George is retiring 50 old servers, and he's provided the server hard drives to a third-party service to have the drives destroyed. Which of the following would be the MOST common way for George to confirm that the drive destruction has been completed?
The third-party service will return the destroyed drives
The third-party service will provide a certificate of destruction
George will be present when the drives are destroyed
The third-party service will provide video of the drive destruction

Correct!

Wrong!

What kind of hard drive drive formatting clears the file table, but does not physically erase any of the data?
Table format
Quick format
Regular format
File format
Low-level format

Correct!

Wrong!

What would you expect to receive after a third-party has disposed of your storage drives?
A backup tape of the data that was stored on the drives
A certificate verifying the destruction of the drives
An inventory sheet of drive serial numbers
An estimated cost to replace all destroyed drives

Correct!

Wrong!

You've contracted with a third-party to destroy a batch of old hard drives. How can you be sure that the destruction was completed?
The third-party returns the remains of all destroyed drives
The third-party provides video evidence of the destruction
A tracking tag is added to drives prior to destruction
The third-party provides a certificate that validates the destruction
A piece of each drive is returned to the original owner

Correct!

Wrong!

Share the quiz to show your results !

Subscribe to see your results

Review Quiz: Data Destruction and Disposal

I got %%score%% of %%total%% right

%%description%%

%%description%%

Loading...


When we upgrade to a new storage device, some of our data may still be contained on that old storage device. That’s why it’s important to know how to destroy or dispose of this data properly. If you’d like to make sure a storage device can never be used again, then you may want to physically destroy the device thereby making all of the data inaccessible. One way to do this is with an industrial shredder. You can put a hard drive into one of these devices, and it will completely destroy everything that’s on that hard drive.

If you don’t have a shredder, you can do this yourself with simply using a drill or a hammer. By drilling all the way through the platters of a drive, you’ll be assured that nobody can use that drive again. A degausser emits a very strong magnetic field that not only is going to remove all of the data on the platters of the drive, but it will also render the drive electronics unusable. And for the ultimate in physical destruction, you can incinerate the drive, rendering everything on the drive impossible to recover.

In very large organizations, you may have a need to physically destroy drives, but you don’t have the time or the people to be able to do this yourself. In those cases, you could bring in a third party, and this third party will be responsible for destroying all the drives that you have available. Once these drives are made available to the third party and they destroy them, they then provide you with a certificate that proves that these drives were destroyed. This gives you a paper trail so that you can always go back to know exactly when and where a particular drive was destroyed.

If you’d like to keep the drive usable but simply destroy all of the data that’s on the drive, you could perform a format. There’s an initial format that’s done when the drive is manufactured. This is called a low level format and is a format that you generally don’t do from the user side.

From the user’s perspective, you’re generally running one of two different kinds of formats. One of these is called a quick format. This sets up the file system. It installs a boot sector, and it clears out any file table that might be in the system. But it doesn’t physically remove any of the old data from the drive. If you have the right kind of undelete or unerase software, you would still be able to access the data that’s on that drive.

The type of format that would clear everything on the drive and make the data unrecoverable is called a regular format. This is not only going to set up the file system, but it’s also going to override every sector on the drive with zeros. This is something that’s done automatically during a regular format in Windows Vista and later. Once you perform a regular format, you can’t use any type of program to go back and recover that data.

Of course, you should always be mindful of where your data is. And if you’re relying on a third party to take care of this data destruction, you need to always audit and make sure the data was really destroyed. For example, in July 2013, in the UK National Health Service Surrey, they found that they were providing these hard drives to be destroyed by a third party, but they really weren’t destroying them. These drives contained patient records, and although the health service was provided a certificate saying that the drive was really destroyed, in fact, the drives were sold on eBay. Someone bought the drives, found the patient records, and contacted the authorities. And unfortunately, the health service was fined over 200,000 pounds.

If you’re concerned about this kind of sensitive data getting in the hands of someone else, you can perform secure deletes and secure erases of this data that will overwrite the information on the drive and give you a verification that the data’s no longer there. One way to do this in Windows is with a utility called “Sdelete” that you can get from Windows Sysinternals. There’s also an entire full drive erase and data removal program called “DBAN.” This is Derek’s Boot And Nuke. It’s a very common way to boot your system and completely overwrite everything that’s on that drive. And of course, if you really want to be sure all of this data is gone, follow some of those processes for physical drive destruction, and you could be assured that drive will never show up on eBay.

Tags: , , , , , , , ,

Category: CompTIA A+ 220-902

Comments are closed.

X