CompTIA SecurityX (CAS-005) — Question 182

A security operations engineer needs to prevent inadvertent data disclosure when encrypted SSDs are reused within an enterprise. Which of the following is the most secure way to achieve this goal?

Answer options

• A. Executing a script that deletes and overwrites all data on the SSD three times
• B. Wiping the SSD through degaussing
• C. Securely deleting the encryption keys used by the SSD
• D. Writing non-zero, random data to all cells of the SSD

Correct answer: C

Explanation

The most secure method is to securely delete the encryption keys used by the SSD, as this renders the data inaccessible regardless of the physical state of the disk. The other options, while they may delete or overwrite data, do not guarantee that the data cannot be recovered if the encryption keys are still intact, which makes them less secure.