CISA Certified Information Systems Auditor – Question2038

The use of symmetric key encryption controls to protect sensitive data transmitted over a communications network requires that:

A.
primary keys for encrypting the data be stored in encrypted form.
B. encryption keys be changed only when a compromise is detected at both ends.
C. encryption keys at one end be changed on a regular basis.
D. public keys be stored in encrypted form.

Correct Answer: A