CISSP Practice Question (Domain 3: Security Architecture & Engineering / Cryptographic Key Management)
A global enterprise is transitioning from long-term symmetric encryption keys to an automated key rotation system using hardware security modules (HSMs).
During the rollout, application owners express concern that frequent rotation may disrupt legacy integrations and availability.
What should the security architect do FIRST?
A. Enforce the new key-rotation policy across all systems immediately
B. Perform a risk assessment to evaluate availability impact and integration dependencies
C. Allow legacy systems to retain long-term keys indefinitely
D. Delay implementation until all applications are modernized
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group