Hi,
I am wondering about the steps in cryptoshredding.
I was under the impression that you delete the key only.
But, the official online curriculum says the following:
So, is data re-written during cryptoshredding or is only the key destroyed?
I believe there were initial and end statements for the above message.
For crypto shredding, key removal is typically sufficient. While overwriting the disk may be possible if you have access, it's not usually practical or beneficial in cloud environments. However, for on-premises setups—especially if you plan to reuse the storage device—overwriting could still be worthwhile.
I have included more of the excerpt below.
I agree that you need only delete the key.
I do not understand why the official online curriculum erroneously says what it says in addition to deleting the key.
Thank you for your reply!
Without access to the exact material, it is difficult to make a judgement call.
I have always understood Crypto Shredding to be a method that renders encrypted data unretrievable by deleting or overwriting the key.
Deleting the key does not necessarily mean that the 1's and 0's are gone, until something overwrites that space.
MHO: Overwriting the key is a better way to destroy the key and it stands to reason the more times that I override that space, the more I am guaranteed it is gone. Again My Opinion Only.
Others?
d
Thank you for your response!
I asked ChatGPT also and I have included what it had to say below.
Perhaps the definition of cryptoshredding does not account for more than deleting the key.
I am not very familiar with cloud services from AWS, Google, and Azure.
And I wonder if they would allow for the customer to perform a wipe on the drive. I think they handle that on their end and a cryptoshred is all a customer can do.
Here is a screenshot of the slide:
Here’s the quiz:
This is something you should establish before you sign up with your CSP if the data they are hosting is at all sensitive. You will not control the cryptography for all services offered by CSPs e.g. SaaS applications, so it is important to understand what happens to your data once your subscription ends. This may be stated in the agreement with the CSP but you should also examine other evidence such as a SOC2 type 2 and any ISO certifications if available.
Yes, I agree with your statement.
It should be discussed before sign up.
So I personally disagree with this. With Cryptoshredding, the Key is the only thing touched. The data is not rewritten.
@CBMExamTeam @DJExamTeam Could one of you provide guidance on this training material OR forward to someone that can provide an explanation.
Perhaps a better word for "rewrite" would be protect.
Others?
d
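
Added example, not part of any post in this thread: a small Python model of the distinction being discussed, in which the data-encryption key is overwritten in place while the stored ciphertext is left untouched. The `Volume` class, `crypto_shred` and `demo` are hypothetical names, the sample record is constructed, and the HMAC-SHA256 keystream is a standard-library stand-in for the AES mode a real storage service would use.

```python
import hashlib
import hmac
import secrets

def _prf(key, label):
    return hmac.new(bytes(key), label, hashlib.sha256).digest()

def _xor_stream(enc_key, nonce, data):
    # HMAC-SHA256 in counter mode: stdlib stand-in for a real cipher (assumption).
    stream = b"".join(_prf(enc_key, nonce + i.to_bytes(8, "big"))
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

class Volume:
    """Constructed model of an encrypted volume: stored blocks plus one key."""
    def __init__(self):
        # bytearray is mutable, so the key can be overwritten in place later.
        self.dek = bytearray(secrets.token_bytes(32))
        self.blocks = []  # (nonce, ciphertext, tag) as they would sit on disk

    def write(self, plaintext):
        nonce = secrets.token_bytes(16)
        ct = _xor_stream(_prf(self.dek, b"enc"), nonce, plaintext)
        self.blocks.append((nonce, ct, _prf(_prf(self.dek, b"mac"), nonce + ct)))

    def read(self, index):
        nonce, ct, tag = self.blocks[index]
        if not hmac.compare_digest(tag, _prf(_prf(self.dek, b"mac"), nonce + ct)):
            raise ValueError("authentication failed: key destroyed or wrong")
        return _xor_stream(_prf(self.dek, b"enc"), nonce, ct)

    def crypto_shred(self):
        # Overwrite the key bytes; the data blocks are not touched at all.
        # In a real system every copy of the key (KMS, backups, escrow) must go too.
        for i in range(len(self.dek)):
            self.dek[i] = 0

def demo():
    vol = Volume()
    vol.write(b"customer record 42 (constructed sample)")
    before = list(vol.blocks)
    readable = vol.read(0)
    vol.crypto_shred()
    try:
        vol.read(0)
        recoverable = True
    except ValueError:
        recoverable = False
    # (plaintext before shred, ciphertext unchanged?, still recoverable?)
    return readable, vol.blocks == before, recoverable

if __name__ == "__main__":
    print(demo())
```

The ciphertext comparison shows that nothing on the "disk" was rewritten; only the key changed, and that alone makes the stored blocks unreadable.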