Certified Information Systems Auditor (CISA) — Question 1066

An organization is disposing of removable onsite media which contains sensitive information. Which of the following is the MOST effective method to prevent disclosure of sensitive data?

Answer options

• A. Wiping and rewriting three times
• B. Software formatting
• C. Encrypting and destroying keys
• D. Machine shredding

Correct answer: D

Explanation

Machine shredding (D) is the most effective method as it physically destroys the media, making data recovery impossible. Wiping and rewriting (A) can leave residual data, while software formatting (B) does not adequately remove data. Encrypting and destroying keys (C) is useful, but if the media is still intact, sensitive information could potentially be recovered.