CISSP · Question #695
Which media sanitization methods should be used for data with a high security categorization?
The correct answer is D. Purge or destroy. For data with high security categorizations, NIST SP 800-88 guidelines specify that Purge or Destroy are the appropriate sanitization methods, as they provide stronger assurance against data recovery than simpler techniques.
Question
Which media sanitization methods should be used for data with a high security categorization?
Options
- AClear or destroy
- BClear or purge
- CDestroy or delete
- DPurge or destroy
How the community answered
(37 responses)- A3% (1)
- B3% (1)
- D95% (35)
Why each option
For data with high security categorizations, NIST SP 800-88 guidelines specify that Purge or Destroy are the appropriate sanitization methods, as they provide stronger assurance against data recovery than simpler techniques.
Clear is a baseline sanitization method suitable for lower security categorizations that protects against simple non-invasive data recovery, but it does not provide sufficient protection for high-security data; pairing it with Destroy is inconsistent with NIST's tiered recommendations.
While Purge is appropriate for high-security data, Clear is only suitable for lower-sensitivity media reuse scenarios and does not meet the security requirements for high categorization data, making this pairing incorrect.
Delete is merely a logical operation that removes file system pointers without actually overwriting underlying data, making it wholly inadequate for any security-conscious sanitization scenario, let alone high-security categorization requirements.
Purge applies physical or logical techniques that render data recovery infeasible using state-of-the-art laboratory techniques, such as cryptographic erase or secure overwrite with verification, while Destroy physically eliminates the media entirely through methods like shredding, disintegration, or incineration. Both methods meet the stringent requirements of NIST SP 800-88 for high-security categorization data, where the risk of unauthorized disclosure is unacceptably high and stronger assurance is required beyond simple clearing.
Concept tested: NIST SP 800-88 media sanitization methods by security level
Source: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-88r1.pdf
Topics
Community Discussion
No community discussion yet for this question.