Memberships

CISSP Study Group

1.7k members • Free

3 contributions to CISSP Study Group
CISSP Practice Question – Security Architecture & Engineering (Post-Quantum Risk & Long-Term Data Confidentiality)
A pharmaceutical company stores decades of proprietary research data in encrypted archives. Recent threat intelligence reports warn that several nation-state actors are collecting large volumes of encrypted data today ("harvest-now, decrypt-later") in preparation for future quantum decryption capabilities. The company currently uses RSA-2048 for key exchange and AES-256 for bulk encryption. What is the MOST critical action to take to protect the long-term confidentiality of this archived data?
A. Increase RSA key length to 4096 bits to delay quantum-based decryption timelines.
B. Migrate to a hybrid post-quantum key-establishment scheme (e.g., classical + lattice-based) for future encryptions and begin re-encrypting high-value archives.
C. Deploy quantum random number generators (QRNGs) to improve entropy for new cryptographic keys.
D. Implement HSM-protected symmetric keys with annual rotation to strengthen present-day cryptographic hygiene.
1 like • 1d
B
Passed the CISSP today! (at 100 questions)
Proud to say that I passed the CISSP today. My strategies were to simply:
1. Use AI.
2. Ask Copilot to design a reading schedule to break down the book into manageable active reading sessions.
3. Tell it each chapter's start page and end page so it knows how many pages each chapter is.
4. Tell it the percentage of each domain and which domains are in each chapter.
5. Tell it your test date or your goal to read the entire book.
6. Ask it to design a table that shows the date, time commitment, the task, the chapters and domains, and the number of pages to read. Make sure it makes sense to you. Ask it to refactor based on what you believe you can achieve. It's good to be honest with yourself and Copilot here.
7. Refactor your reading schedule as necessary. Factor in days off, rest, and practice tests in between domains to measure and reinforce recall.

1. I did a chapter a week for three months straight, every evening at 6pm. Saturdays I would try to read a whole chapter. Sundays are reserved for rest or practice questions.
2. Read each chapter from beginning to end... *a must*
3. Do the written labs for each chapter... *a must*
4. Do each chapter review... *a must*

1. Buy LearnZapp and/or Quantum Exams.
2. Both are great... having both helped with test-taking skill building.
3. Take practice tests on weekends and domain review questions, and go through each domain as you work through the book.
4. By reading each of the chapters and taking notes, and doing real-world application and correlation to anchor the principles with prior experience, you'll get the hang of what it intends to teach and groom you into... thinking like upper management and not an engineer... focusing more on policy than technical solutions...
5. I was able to recall and correlate different domains with the questions that were presented in the actual test better this way.

Took me two tries and about 400 hours... of honest, focused study.
1 like • 4d
Congratulations! Also thanks a lot for sharing your strategy
CISSP Practice Question – Security Architecture & Engineering (Assurance & Design Principles)
A national intelligence agency is designing a new system to process both Top Secret and Unclassified data simultaneously. Engineers propose using a formally verified microkernel operating system that enforces strict separation between processes through hardware-based memory isolation. During review, an executive asks why the team insists on this complex design instead of using simpler software-based access controls at the application layer. Which concept BEST justifies the microkernel approach?
A. Complete mediation: ensuring every access request is validated against the security policy.
B. Security kernel: implementing reference monitor functions at the lowest level of the system.
C. Layered defense: using multiple, independent safeguards at different levels of abstraction.
D. Economy of mechanism: minimizing system complexity to reduce potential vulnerabilities.
1 like • Nov 2
B
@klaas-hobo-6890
Been in IT/Security years ago and now going back to security. I'd like to buddy up with people in the CET timezone. Please reach out!

Active 1d ago
Joined Mar 12, 2025
Netherlands