ISC2 Certified Cloud Security Professional (CCSP) Practice Question
A public IaaS provider encrypts all customer SSD volumes with unique keys stored in its KMIP-compliant key manager. A tenant asks that a 2 TB volume containing payment card data be sanitized immediately upon deletion to meet NIST SP 800-88 Purge requirements and avoid unnecessary wear on the SSD hardware. Which sanitization method should the cloud operator choose?
Send an ATA Secure Erase (trim) command to the underlying SSD.
Delete the volume's encryption key to perform a cryptographic erase.
Physically shred the SSD and issue a destruction certificate.
Overwrite the entire virtual disk with one pass of random data.
For self-encrypting media, NIST SP 800-88 Rev. 1 states that destroying or deleting the encryption key constitutes a Purge-level sanitization because the data become unreadable even if the physical blocks remain. Cryptographic erase is almost instantaneous and involves no additional writes, so it minimizes SSD wear and cost. Single-pass overwrites may not fully sanitize SSDs due to wear-leveling and take much longer. Shredding the drive is a Destroy method that removes the asset from service entirely, increasing cost and downtime. ATA Secure Erase or trim may fail if issued through a virtualized storage layer and still incurs additional program/erase cycles on the SSD. Therefore, cryptographic erase by deleting the volume's key is the most appropriate choice.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does KMIP-compliant mean?
Open an interactive chat with Bash
Why is cryptographic erase considered a Purge-level sanitization method?
Open an interactive chat with Bash
What is NIST SP 800-88, and why is it important?
Open an interactive chat with Bash
ISC2 Certified Cloud Security Professional (CCSP)
Cloud Concepts, Architecture and Design
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .