Which of the following is required by key management procedures to prevent unauthorized substitution of cryptographic keys?

• A. The procedures specify processes to prevent unauthorized substitution of keys.
• B. The procedures require only periodic audits.
• C. The procedures focus on physical security of servers.
• D. The procedures require no changes to key rotation.

Answer: (A)

Preventing unauthorized substitution of cryptographic keys requires explicit processes in key management procedures. These procedures define how keys are created, stored, distributed, rotated, and retired, and they incorporate controls like dual control and separation of duties, key versioning and inventory management, protection of cryptographic modules, formal change management with approvals, and comprehensive logging and monitoring. Together, these measures ensure that no one can substitute a key or introduce an untrusted key without detection. Merely relying on periodic audits or focusing only on physical security doesn’t directly prevent substitutions in real time, and insisting on no rotation ignores the need to refresh and revoke compromised keys.