CISSP Practice Question – Security Architecture & Engineering (Post-Quantum Risk & Long-Term Data Confidentiality)
A pharmaceutical company stores decades of proprietary research data in encrypted archives. Recent threat intelligence reports warn that several nation-state actors are collecting large volumes of encrypted data today (“harvest-now, decrypt-later”) in preparation for future quantum decryption capabilities. The company currently uses RSA-2048 for key exchange and AES-256 for bulk encryption.
What is the MOST critical action to take to protect the long-term confidentiality of this archived data?
A. Increase RSA key length to 4096 bits to delay quantum-based decryption timelines.
B. Migrate to a hybrid post-quantum key-establishment scheme (e.g., classical + lattice-based) for future encryptions and begin re-encrypting high-value archives.
C. Deploy quantum-random number generators (QRNGs) to improve entropy for new cryptographic keys.
D. Implement HSM-protected symmetric keys with annual rotation to strengthen present-day cryptographic hygiene.
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group