Page 1521 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1521

environments. Erasing the media performs a delete, but the data
                    remains and can easily be restored. Clearing, or overwriting, writes

                    unclassified data over existing data, but some sophisticated
                    forensics techniques may be able to recover the original data, so
                    this method should not be used to reduce the classification of
                    media.

                6.  C. Sanitization can be unreliable because personnel can perform
                    the purging, degaussing, or other processes improperly. When

                    done properly, purged data is not recoverable using any known
                    methods. Data cannot be retrieved from incinerated, or burned,
                    media. Data is not physically etched into the media.

                7.  D. Purging is the most reliable method of the given choices.
                    Purging overwrites the media with random bits multiple times and
                    includes additional steps to ensure that data is removed. While not
                    an available answer choice, destruction of the drive is a more

                    reliable method. Erasing or deleting processes rarely remove the
                    data from media, but instead mark it for deletion. Solid state drives
                    (SSDs) do not have magnetic flux, so degaussing an SSD doesn’t
                    destroy data.

                8.  C. Physical destruction is the most secure method of deleting data
                    on optical media such as a DVD. Formatting and deleting processes
                    rarely remove the data from any media. DVDs do not have

                    magnetic flux, so degaussing a DVD doesn’t destroy data.

                9.  D. Data remanence refers to data remnants that remain on a hard
                    drive as residual magnetic flux. Clearing, purging, and overwriting
                    are valid methods of erasing data.

              10.  C. Linux systems use bcrypt to encrypt passwords, and bcrypt is
                    based on Blowfish. Bcrypt adds 128 additional bits as a salt to
                    protect against rainbow table attacks. Advanced Encryption
                    Standard (AES) and Triple DES (or 3DES) are separate symmetric

                    encryption protocols, and neither one is based on Blowfish, or
                    directly related to protecting against rainbow table attacks. Secure
                    Copy (SCP) uses Secure Shell (SSH) to encrypt data transmitted
                    over a network.
   1516   1517   1518   1519   1520   1521   1522   1523   1524   1525   1526