CompTIA CASP+ Practice Test

To reduce the risk of data leakage during decommissioning of computing equipment, what practice should be considered?

• A. Physical destruction of devices
• B. Drive wipe only
• C. Data encryption for disposal
• D. File transfer to secure media

The correct answer is: Physical destruction of devices

To effectively mitigate the risk of data leakage during the decommissioning of computing equipment, physical destruction of devices is a recommended practice. This approach ensures that all data stored on the hardware is irretrievably destroyed, making it virtually impossible for unauthorized individuals to retrieve any information. Physical destruction involves methods such as shredding, crushing, or degaussing hard drives and other storage media. These processes eliminate any chance of data recovery, thus providing a high level of security. Organizations that handle sensitive or confidential information often adopt this practice as part of their risk management strategies, especially in compliance with various regulatory standards that mandate secure disposal of data. While other choices may offer some level of data protection—such as drive wiping or data encryption for disposal—these methods do not guarantee complete data security post-decommissioning. Drive wiping can be effective; however, if not conducted thoroughly, remnants of data may remain accessible through advanced recovery techniques. Encryption protects data while it is still in use or transit, but if the physical devices are not destroyed, the risk remains that someone could access the data encrypted on them. File transfer to secure media also does not address the original storage device’s data risk after its decommissioning. Thus, physical destruction stands out as the most effective