Question 18 - ECcouncil CHFI 312-49v10 Real Exam Questions [April 2026 Update]

Q: 18

John is working on his company policies and guidelines. The section he is currently working on covers company documents; how they should be handled, stored, and eventually destroyed. John is concerned about the process whereby outdated documents are destroyed. What type of shredder should John write in the guidelines to be used when destroying documents?

Options

Correct Answer:

Explanation

A cross-cut shredder, also known as a confetti-cut shredder, offers a higher level of security compared to a strip-cut shredder. It cuts documents both vertically and horizontally, creating small, diamond-shaped or rectangular pieces that are significantly more difficult to reassemble. For a corporate policy concerned with the secure destruction of documents, which may contain sensitive or confidential information, the cross-cut method provides a necessary level of protection against data reconstruction. This aligns with the principle of rendering information unrecoverable, a key goal in media sanitization.

Why Incorrect

A. Strip-cut shredder: This method cuts documents into long, parallel strips. These strips are relatively easy to reconstruct, either manually or with software, making it unsuitable for sensitive corporate documents.

C. Cross-hatch shredder: This is not a standard industry term for a type of paper shredder. It is likely a distractor option intended to sound similar to the correct term.

D. Cris-cross shredder: This is not a standard industry term for a type of paper shredder. It is a distractor option meant to confuse the test-taker with the correct "cross-cut" terminology.

References

1. National Institute of Standards and Technology (NIST). (2014). Special Publication 800-88 Revision 1: Guidelines for Media Sanitization.

Section 2.5, "Destruction," states that physical destruction techniques should be used to "render Target Data recovery infeasible using state of the art laboratory techniques." Cross-cut shredding more effectively meets this requirement for paper media than strip-cut shredding by creating smaller, harder-to-reassemble particles. The international standard DIN 66399, often referenced in security contexts, classifies shredders by security levels (P-1 to P-7), where cross-cut shredders achieve higher security levels (typically P-3/P-4) appropriate for confidential data.

2. University of California, Berkeley, Information Security Office. (n.d.). Securely Deleting Data.

In its guidance on physical media destruction, the office recommends, "For paper, use a cross-cut shredder which is more secure than a strip-cut shredder." This reflects the accepted best practice in academic and enterprise environments for protecting sensitive information on physical documents.

3. Syracuse University. (n.d.). IT Policy: Secure Data and Device Disposals.

The policy specifies requirements for destroying physical media containing confidential data. It states, "Paper documents containing confidential data must be destroyed by... cross-cut shredding." This illustrates a direct application of the principle in a formal institutional policy, establishing cross-cut shredding as the standard for secure document disposal.

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE