Exam SY0-701 topic 1 question 165 discussion

Bro you don't reissue something after you destroy it do you? We're talking about a laptop here not an ex ;)

Destruction would make the device not usable again. Certification might make sense here if a third party was being used to sanitize the drive but usually third parties are used to destroy drives and certification is given for destruction. I think Data retention and Sanitization makes the most sense. You want to make sure you save any critical data before you erase the drive.

Since the question does not refer a third-party but to the "internal" administrator and following the CompTIA theoretical questions it's A & E. E. Sanitization. This is clear. A. Data retention. The CompTIA Student Guide and WBT refer to the "Data retention" in the "Secure Data Destruction" chapter. B. Certification is used by CompTIA only for third-party "Asset Disposal". But a third-party is not mentioned in the question. "certification - An asset disposal technique that relies on a third party to use sanitization or destruction methods for data remnant removal, and provides documentary evidence that the process is complete and successful." C. Destruction - CompTIA defines this as "Physical destruction methods include shredding, crushing ..." This is also not the case for this question.

Destruction renders the device unusable does it no? And you only need a certification after destruction from a third-party? So in reality, you would just want to back up the data and then make sure to overwrite the hard drive a couple times so that, that data can’t be recovered. 🫶🏻

To safely reissue the laptop, the administrator should sanitize the device to remove all data securely. If sanitization isn’t sufficient for highly sensitive data, destruction of the storage medium may be required.

Data destruction involves securely deleting sensitive information so it cannot be recovered. Before reissuing a laptop, it is critical to ensure that any residual data from the previous user is permanently removed to prevent unauthorized access to sensitive information.

Sanitization - cleaning the laptop memory Certification - proving that the laptop is clean.

To ensure the security of the data, the administrator should: Destruction: Physically destroy any storage media that cannot be sanitized. Sanitization: Thoroughly erase or overwrite all data on the storage media to prevent data recovery. The other options are not relevant to the scenario: Data retention: This involves keeping data for a specific period. It's not applicable in this case as the data needs to be removed. Certification: This is a process of verifying that a system or process meets specific standards. It's not relevant to data handling in this context. Classification: This involves assigning security labels to data based on its sensitivity. It's not necessary in this case as the data is being removed. Enumeration: This involves identifying and cataloging assets. It's not relevant to data handling in this context.

C. Destruction > ensures physical media is rendered unrecoverable E. Sanitization > removes and overwrites sensitive data to prevent unauthorized access. Both used to protect data security when repurposing hardware.

Its Destruction and Sanitation. This is because the laptop is been reissued and because they question did not say reissued to the "same employee" then we have to assume is been intended to be reissued for a new or another employee. therefore D&E is the answer

Th3irdEye explains my thinking

C. Destruction E. Sanitization Explanation: 1. Destruction: This involves permanently destroying any sensitive data on the laptop that is no longer needed. This ensures that no residual data from the previous user remains on the device, reducing the risk of unauthorized data access. 2. Sanitization: This involves securely wiping the laptop’s storage to remove all data and ensure that it cannot be recovered. Sanitization is critical when reissuing devices to prevent accidental disclosure of sensitive information.

The best combination of data handling activities for the administrator to perform when reissuing a former employee's laptop are: C. Destruction and E. Sanitization Destruction: Ensures that any sensitive or personal data from the previous user is permanently removed and cannot be recovered. Sanitization: Refers to thoroughly cleaning the device by securely wiping the data to prevent unauthorized access. This prepares the laptop for safe reissue to a new user. These two activities are critical for preventing any sensitive data leakage from the former employee while ensuring that the device is clean and secure for the next user.

Retention and Sanitize. Think about it. An employee leaves - you backup any pertinent company data (Retention) and reimage the computer (Sanitize). - You would not Certify it, because that's only if the drive needed to be destroyed. - You would not Destroy it because that's really only important for sensitive things, not Judy the Customer Service agent. - You would not Enumerate it (gathering info for vulnerabilities) - Classification is typically more important for data rather than devices.

The answer is C&E. Destruction here refers to destroying data not the laptop.

Agree to answer B E

A and E Sanitization refers to the process of removing or cleaning data from a device to ensure that it cannot be recovered by unauthorized individuals. This typically includes methods such as wiping or formatting the storage media While decommissioning and disposal are important, organizations often have to retain data or systems as well. Retention may be required for legal purposes with set retention periods determined by law, or retention may be associated with a legal case due to a legal hold