A systems administrator is decommissioning several servers that have reached their end-of-life (EoL). The servers were used to process and store sensitive customer financial data. According to company policy and industry best practices, which of the following is the MOST critical action to perform before the servers are physically removed from the data center for disposal?
Perform a cryptographic erase or physical destruction of all storage media.
Update the asset management database to mark the servers as 'decommissioned'.
Contact a certified e-waste vendor to schedule a pickup for recycling.
Remove the servers from all monitoring, backup, and patching systems.
The correct answer is to perform a cryptographic erase or physical destruction of all storage media. When a server that stored sensitive information reaches its end-of-life, the highest priority is to ensure the data is irrecoverably destroyed to prevent data breaches. Data sanitization methods like cryptographic erasure, or physical destruction (shredding, crushing) are standard procedures outlined in frameworks like NIST SP 800-88 to render data unrecoverable. Simply deleting files is insufficient, as the data can often be recovered.
Contacting an e-waste vendor is a necessary step for environmentally responsible disposal, but it must occur after the data has been securely sanitized. Updating the asset management database and removing the server from monitoring are important administrative tasks in the decommissioning process, but they do not address the primary security risk of data remanence on the physical drives.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.