Pass your certification exam. Faster. Guaranteed.

Join the 40,000+ candidates in over 58 countries that have found a faster, better way to pass their certification exam.

BASIC

Comprehensive practice exam engine!

  • Unlimited access to thousands of practice questions
  • Exam readiness score
  • Smart reinforcement

PRO

All features in the FREE plan, plus:

  • Focused training ensures 100% exam readiness
  • Personalized learning plan
  • Align exam engine to your current baseline knowledge
  • Eliminate wasted study time
  • Exam pass guarantee
  • And much more

Data Remanence Transcription

Welcome to our data remnants module. Computer security professionals need to be familiar with data remnants. Data remnants is residual data that remains on a piece of storage media after you are done using it. The problem with data remnants is that if a hard drive or solid state drive is not properly destroyed and it falls into the hands of an unauthorized individual, they may be able to access data that you thought you deleted.

We should understand the difference between hard disk drives and solid state drives. Hard disk drives are mechanical, they store data magnetically using read write heads that move across a rotating platter. When a user deletes data from a hard drive the actual data is not erased, rather the index is updated marking that data as deleted.

But if someone looks in the storage area where that data was stored, they would still find the old data until new data is stored in that location overwriting the old data. Solid state drives work a little differently in that they have no moving parts, and rather than using platters to store data they use flash memory or chips to store data.

With solid state drives the data can be accessed directly with no moving parts. Because of the way that flash memory works, these devices will typically store new data in a different area rather than overwriting old data. This is known as wear leveling and it is done to prevent certain areas of the storage device from being worn out before other areas.

With chips, the best way to destroy data is incinerating or shredding the chips. Degaussing is a process where we use a strong magnet to destroy data. Degaussing does not work on solid state drives because solid state drives do not store data magnetically. Hybrid drives combine magnetic storage with solid state storage, and therefore hybrid drives are also not completely erased using degaussing.

We can use different methods to make sure that data is destroyed. Clearing is when we apply a logical technique, such as deleting data and then rewriting the area where data was stored to sanitize our storage devices. And make sure that individuals cannot use forensic data recovery techniques to recover data that we wanted permanently destroyed.

Purging is where we apply physical or logical techniques to render the data recovery infeasible, even when using state of the art lab techniques. There are a few options you can use for purging, depending on the sensitivity of the data that was stored on the device. You can overwrite data using a tool such as BCWipe that simply overwrites all of the areas of the storage media with patterns of data, typically zeroes, and that is known as zeroization, 7 times, or even 35 times in some instances. And this is typically adequate for re-using a piece of media, but you should remember for the CISSP exam that we would always re-use media at the same level and never at a lower level. For example, if a hard drive was used to store top secret data, we would never use that hard drive to store secret or unclassified data, even after we have wiped the data on the hard drive.

We can also use encryption, a tool like Crypto Erase, which will actually encrypt the data on the hard drive, and then destroy the encryption key. Since the encryption key is no longer available, no one will be able to access the data, but you must be able to mount the drive for this to work properly.

Degaussing is a strong magnetic field that destroys media such as hard drives. But you should remember that degaussing does not work on solid state drives or hybrid drives because they store data with flash memory rather than using platters. The best method would be physical destruction where we physically break the storage device by grinding or shredding it, using chemicals to alter the device.

Or using some type of phase transition such as liquefying or vaporizing the device. We can also burn the devices using incineration. And there are devices made which will actually shred a hard drive and totally destroy it. For the CISSB exam, you should remember that physical destruction is going to provide you with the highest amount of security and ensure that no one is able to recover the data.

However physical destruction can be very expensive and you are also destroying the storage device so that it cannot be reused, causing you to have to purchase additional storage devices. This concludes our data remnants module. Thank you for watching.

Included in all plans.

1000's of practice test questions

Classified by skill and ranked by difficulty. Choose to answer questions in STUDY MODE to review and you go.

Exam Readiness Score

Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.

Smart Reinforcement

Don’t forget what you’ve just studied! Use the intelligent reinforcement questions to stay fresh.

THANK YOU! Just bloody thank you! I’m doing the CEH minor at my college and well...I’ve learned more from this site in a few hours than I’ve learned from my school in 9 weeks about the subject. Keep up the good work!

PRO Membership Benefits.

Personalized Learning Plan

Skillset’s Exam Engine continuously assesses your knowledge and determines when you are ready take and pass your exam. When Skillset learns that there is a gap between your knowledge and what you need to know to pass, we present you with a focused training module that gets you up to speed quickly. No fluff! Find your knowledge gaps and fill them.

Exam Pass Guarantee

Skillset is confident that we can help anyone pass their exam. If you reach 100% readiness, and you do not pass your exam, we will refund you plus pay for a replacement exam voucher. That’s how powerful our learning system is, we can offer this guarantee and stand behind our products with this no risk to you guarantee. See terms and conditions.

Eliminate Wasted Study Time

Don’t waste time studying concepts you have already mastered. Focus on what you need to know to pass. The Skillset Competency Diagnostic aligns our Exam Engine and Learning Plan to your baseline knowledge. This saves an average of 31% of the time required to prep for a professional certification exam.

Coming Soon - Simulated Exam

More PRO benefits are being built all the time!