CISA Certified Information Systems Auditor – Question0043

Which of the following conditions would be of MOST concern to an IS auditor assessing the risk of a successful brute force attack encrypted data at rest?

A.
Use of symmetric encryption
B. Use of asymmetric encryption
C. Random key generation
D. Short key length

Correct Answer: D