Which Linux command can wipe a target drive?

Prepare for the Digital Forensics, Investigation, and Response Test. Study with multiple choice questions that include hints and explanations. Enhance your understanding of digital forensics principles and get ready for your exam!

Multiple Choice

Which Linux command can wipe a target drive?

Explanation:

Wiping a drive means overwriting every data block on the device so the original contents aren’t recoverable. The best-fit command for this is dd because it’s a low-level copy tool that can write directly to a block device.

By directing its output to the target device (for example, /dev/sdX) you overwrite the entire disk. Using an input source of zeros or random data ensures all old data is replaced. Common patterns are:

  • dd if=/dev/zero of=/dev/sdX bs=1M status=progress

  • dd if=/dev/urandom of=/dev/sdX bs=1M status=progress

Always unmount any partitions on the drive and run as root, and be sure you’ve identified the correct device path to avoid wiping the wrong drive. Once finished, the partition table on that disk is typically destroyed, so you’ll need to recreate partitions before reuse.

The other commands don’t wipe the whole drive in the same way. rm deletes files and directories, not hardware blocks. wipefs removes filesystem signatures, not the entire data area. shred can overwrite files and, in some cases, devices, but it’s less predictable for a full-disk wipe and can be slower or less reliable across different file systems and configurations.
