A portable data storage device has been determined to have malicious firmware.
Which of the following is the BEST course of action to ensure data confidentiality?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
The BEST course of action to ensure data confidentiality in the case of a portable data storage device that has been determined to have malicious firmware is to physically destroy the device (Option D).
Explanation: Malicious firmware on a storage device is a serious threat to data confidentiality, as it could be designed to copy or exfiltrate data without the knowledge of the user. In such a scenario, formatting the device (Option A) or performing a virus scan (Option C) may not be sufficient to eliminate the threat, as the malicious code could be designed to survive such actions.
Re-imaging the device (Option B) may be a viable option if the device is being used in an enterprise environment and there are standardized images available. However, this may not be practical or feasible for personal devices or those without standardized images available.
The BEST course of action, therefore, is to physically destroy the device (Option D) by using a secure and irreversible method such as shredding, burning, or pulverizing. This ensures that any data on the device is completely destroyed and cannot be recovered or accessed by unauthorized parties.
In summary, while formatting, virus scanning, and re-imaging may provide some level of protection against malicious firmware, physically destroying the device is the BEST course of action to ensure data confidentiality.