122 lines
2.8 KiB
Markdown
122 lines
2.8 KiB
Markdown
# Lab SEC-9: Data Destruction Decision Practice
|
|
|
|
Domain:
|
|
- 2.0 Security
|
|
|
|
Works on:
|
|
- Windows
|
|
- Linux
|
|
- Optional macOS
|
|
|
|
## Goal
|
|
|
|
Practice data destruction decisions and safely demonstrate the difference between deletion and secure destruction concepts.
|
|
|
|
Do not wipe, format, shred, degauss, reset, or destroy any real drive for this lab.
|
|
|
|
## Part 1: Safe File Deletion Demo
|
|
|
|
Windows PowerShell:
|
|
|
|
```powershell
|
|
New-Item -ItemType Directory -Path "$env:USERPROFILE\AplusDataDestructionLab"
|
|
"Practice data" | Set-Content "$env:USERPROFILE\AplusDataDestructionLab\test.txt"
|
|
Get-ChildItem "$env:USERPROFILE\AplusDataDestructionLab"
|
|
Remove-Item "$env:USERPROFILE\AplusDataDestructionLab\test.txt"
|
|
Get-ChildItem "$env:USERPROFILE\AplusDataDestructionLab"
|
|
```
|
|
|
|
Record:
|
|
- Folder created:
|
|
- Test file visible before deletion:
|
|
- Test file visible after deletion:
|
|
- Why this was not secure destruction:
|
|
|
|
Linux:
|
|
|
|
```bash
|
|
mkdir -p ~/aplus-data-destruction-lab
|
|
printf "Practice data\n" > ~/aplus-data-destruction-lab/test.txt
|
|
ls -l ~/aplus-data-destruction-lab
|
|
rm ~/aplus-data-destruction-lab/test.txt
|
|
ls -l ~/aplus-data-destruction-lab
|
|
```
|
|
|
|
Record:
|
|
- Folder created:
|
|
- Test file visible before deletion:
|
|
- Test file visible after deletion:
|
|
- Why this was not secure destruction:
|
|
|
|
Optional macOS:
|
|
|
|
```bash
|
|
mkdir -p ~/aplus-data-destruction-lab
|
|
printf "Practice data\n" > ~/aplus-data-destruction-lab/test.txt
|
|
ls -l ~/aplus-data-destruction-lab
|
|
rm ~/aplus-data-destruction-lab/test.txt
|
|
ls -l ~/aplus-data-destruction-lab
|
|
```
|
|
|
|
Record:
|
|
- Folder created:
|
|
- Test file visible before deletion:
|
|
- Test file visible after deletion:
|
|
- Why this was not secure destruction:
|
|
|
|
## Part 2: Storage Inspection
|
|
|
|
Windows:
|
|
|
|
```powershell
|
|
Get-Volume
|
|
```
|
|
|
|
Record:
|
|
- Main drive letter:
|
|
- File system:
|
|
- Any removable drives listed:
|
|
|
|
Linux:
|
|
|
|
```bash
|
|
lsblk -f
|
|
```
|
|
|
|
Record:
|
|
- Main device name:
|
|
- File system:
|
|
- Any removable drives listed:
|
|
|
|
Optional macOS:
|
|
|
|
```bash
|
|
diskutil list
|
|
```
|
|
|
|
Record:
|
|
- Main disk identifier:
|
|
- File system or container type:
|
|
- Any removable drives listed:
|
|
|
|
## Part 3: Method Matching
|
|
|
|
Choose the best destruction method:
|
|
|
|
1. A laptop hard drive will be reused by another employee.
|
|
2. A failed hard drive contains financial records and will be discarded.
|
|
3. An SSD contains sensitive data and is being retired.
|
|
4. A magnetic tape backup must be destroyed.
|
|
5. A vendor destroys 200 company drives.
|
|
6. A single sensitive file must be removed while the computer remains in service.
|
|
7. A user quick-formatted a drive and wants to know whether the data is safely gone.
|
|
|
|
## What You Should Learn
|
|
|
|
- Delete removes normal access, but it is not secure data destruction.
|
|
- Quick format is not the same as a full overwrite.
|
|
- Whole-drive wiping is for reuse.
|
|
- Physical destruction is for disposal.
|
|
- Degaussing is for magnetic media, not SSDs or flash.
|
|
- A certificate of destruction provides an audit trail.
|
|
|