# Lab SEC-9: Data Destruction Decision Practice Domain: - 2.0 Security Works on: - Windows - Linux - Optional macOS ## Goal Practice data destruction decisions and safely demonstrate the difference between deletion and secure destruction concepts. Do not wipe, format, shred, degauss, reset, or destroy any real drive for this lab. ## Part 1: Safe File Deletion Demo Windows PowerShell: ```powershell New-Item -ItemType Directory -Path "$env:USERPROFILE\AplusDataDestructionLab" "Practice data" | Set-Content "$env:USERPROFILE\AplusDataDestructionLab\test.txt" Get-ChildItem "$env:USERPROFILE\AplusDataDestructionLab" Remove-Item "$env:USERPROFILE\AplusDataDestructionLab\test.txt" Get-ChildItem "$env:USERPROFILE\AplusDataDestructionLab" ``` Record: - Folder created: - Test file visible before deletion: - Test file visible after deletion: - Why this was not secure destruction: Linux: ```bash mkdir -p ~/aplus-data-destruction-lab printf "Practice data\n" > ~/aplus-data-destruction-lab/test.txt ls -l ~/aplus-data-destruction-lab rm ~/aplus-data-destruction-lab/test.txt ls -l ~/aplus-data-destruction-lab ``` Record: - Folder created: - Test file visible before deletion: - Test file visible after deletion: - Why this was not secure destruction: Optional macOS: ```bash mkdir -p ~/aplus-data-destruction-lab printf "Practice data\n" > ~/aplus-data-destruction-lab/test.txt ls -l ~/aplus-data-destruction-lab rm ~/aplus-data-destruction-lab/test.txt ls -l ~/aplus-data-destruction-lab ``` Record: - Folder created: - Test file visible before deletion: - Test file visible after deletion: - Why this was not secure destruction: ## Part 2: Storage Inspection Windows: ```powershell Get-Volume ``` Record: - Main drive letter: - File system: - Any removable drives listed: Linux: ```bash lsblk -f ``` Record: - Main device name: - File system: - Any removable drives listed: Optional macOS: ```bash diskutil list ``` Record: - Main disk identifier: - File system or container type: - Any removable drives listed: ## Part 3: Method Matching Choose the best destruction method: 1. A laptop hard drive will be reused by another employee. 2. A failed hard drive contains financial records and will be discarded. 3. An SSD contains sensitive data and is being retired. 4. A magnetic tape backup must be destroyed. 5. A vendor destroys 200 company drives. 6. A single sensitive file must be removed while the computer remains in service. 7. A user quick-formatted a drive and wants to know whether the data is safely gone. ## What You Should Learn - Delete removes normal access, but it is not secure data destruction. - Quick format is not the same as a full overwrite. - Whole-drive wiping is for reuse. - Physical destruction is for disposal. - Degaussing is for magnetic media, not SSDs or flash. - A certificate of destruction provides an audit trail.