When it comes to magnetic media sanitization, what difference can be made between clearing and purging information?
Click on the arrows to vote for the correct answer
A. B. C. D.B.
The removal of information from a storage medium is called sanitization.
Different kinds of sanitization provide different levels of protection.A distinction can be made between clearing information (rendering it unrecoverable by a keyboard attack) and purging (rendering it unrecoverable against laboratory attack)
There are three general methods of purging media: overwriting, degaussing, and destruction.
There should be continuous assurance that sensitive information is protected and not allowed to be placed in a circumstance wherein a possible compromise can occur.
There are two primary levels of threat that the protector of information must guard against: keyboard attack (information scavenging through system software capabilities) and laboratory attack (information scavenging through laboratory means).Procedures should be implemented to address these threats before the Automated Information System (AIS) is procured, and the procedures should be continued throughout the life cycle of the AIS.
Reference(s) use for this question: SWANSON, Marianne & GUTTMAN, Barbara, National Institute of Standards and Technology (NIST), NIST Special Publication 800-14, Generally Accepted Principles and Practices for Securing Information Technology Systems, September 1996 (page 26)
and A guide to understanding Data Remanence in Automated Information Systems.
Clearing and purging are two methods of sanitizing magnetic media to prevent the recovery of sensitive information.
Clearing involves overwriting the entire magnetic media with non-sensitive data or with a pattern of 0's and 1's. The number of times the media is overwritten and the method used to overwrite the data depends on the sensitivity of the information and the requirements of the organization. Clearing ensures that the data on the media is irretrievable, and the media can be safely reused or disposed of.
Purging, on the other hand, involves removing the sensitive information from the media by deleting file headers or directory structures that point to the data. Purging does not necessarily overwrite the entire media, but it makes the sensitive information unrecoverable by normal methods. However, it is still possible to recover some or all of the sensitive data using sophisticated laboratory techniques such as magnetic force microscopy, which can read residual magnetic traces on the media.
Therefore, the correct answer is D. Clearing renders information unrecoverable against a laboratory attack, and purging renders information unrecoverable to a keyboard attack. Clearing ensures that the media is completely sanitized and prevents any chance of data recovery, whereas purging removes the data from the media and makes it difficult to recover through normal means.