CRISC · Question #124
CRISC Question #124: Real Exam Question with Answer & Explanation
The correct answer is B: Cryptographically scrambling the data. Cryptographically scrambling data is the most effective method for sanitizing data in cloud storage, as it renders the data unreadable without the encryption key, which can then be securely destroyed.
Question
Which of the following is the BEST way to ensure data is properly sanitized while in cloud storage?
Options
- ADeleting the data from the file system
- BCryptographically scrambling the data
- CFormatting the cloud storage at the block level
- DDegaussing the cloud storage media
Explanation
Cryptographically scrambling data is the most effective method for sanitizing data in cloud storage, as it renders the data unreadable without the encryption key, which can then be securely destroyed.
Common mistakes.
- A. Deleting data from the file system often only removes pointers to the data, leaving the actual data blocks recoverable with specialized tools until overwritten.
- C. Formatting cloud storage at the block level is usually an operation performed by the cloud provider, and even if possible, it's not a direct control for the customer to sanitize specific data objects without affecting the entire storage volume.
- D. Degaussing is a physical destruction method using strong magnetic fields to erase data from magnetic media; this is not applicable for logical data sanitization in a multi-tenant cloud environment where users do not have access to the physical media.
Concept tested. Cloud data sanitization
Reference. https://csrc.nist.gov/publications/detail/sp/800-88/rev-1/final
Topics
Community Discussion
No community discussion yet for this question.