🔥 3-day streak
ISC2 CCSP — Certified Cloud Security Professional30 / 124
Question 30 of 124

A financial services firm must archive customer transaction records for seven years to meet regulatory requirements. The archived data is stored encrypted in a cloud object storage tier and is rarely accessed. During a compliance audit in year four, the security team discovers that some older archives cannot be decrypted because the encryption keys used to protect them were rotated and the previous key versions were destroyed after the standard 90-day key retention window. What is the MOST important consideration the team overlooked when designing the Archive phase of the data lifecycle?

Reviewed for accuracy · Report an issueNext question