CompTIA CASP+ (CAS-004) — Question 261

A help desk technician is troubleshooting an issue with an employee's laptop that will not boot into its operating system. The employee reported the laptop had been stolen but then found it one day later. The employee has asked the technician for help recovering important data. The technician has identified the following:

• The laptop operating system was not configured with BitLocker.
• The hard drive has no hardware failures.
• Data is present and readable on the hard drive, although it appears to be illegible.

Which if the following is the MOST likely reason the technician is unable to retrieve legible data from the hard drive?

Answer options

• A. The employee's password was changed, and the new password needs to be used.
• B. The PKI certificate was revoked, and a new one must be installed.
• C. The hard drive experienced crypto-shredding.
• D. The technician is using the incorrect cipher to read the data.

Correct answer: C

Explanation

The correct answer is C because crypto-shredding refers to the process of rendering data irretrievable through encryption, which aligns with the illegibility of the data on the hard drive. The other options involve scenarios that are not applicable given the details provided, such as password changes or certificate issues, which do not explain the unreadable data situation.