🔥 3-day streak
ISC2 CISSP — Certified Information Systems Security Professional61 / 129
Question 61 of 129

A financial services company is deploying a new payment processing platform that must generate and store the master encryption keys used to protect cardholder data. Regulators require that the private keys never exist in plaintext outside a tamper-resistant boundary, and that key operations be auditable. Which control best satisfies these requirements?

Reviewed for accuracy · Report an issueNext question