7. Strategies for cryptographic security
Set Business Priority
3
Low [1]
Urgent [4]
1. How are SSL/TLS certificates managed across environments?
2. Is a Public Key Infrastructure (PKI) implemented and maintained internally?
3. How are code signing certificates tracked and used?
4. Are there automated alerts for certificate expiration or compromise?
5. Do you support certificate pinning and mTLS (mutual TLS) in critical systems?
6. Do you use traffic inspection tools (like Zeek, Wireshark, or Decrypt TLS with appropriate key access) for cryptographic analysis?
7. Which third-party vendors or partners do you use for encryption services?
8. Do you have a centralized Key Management System (KMS)?
9. What standards are followed for key lifecycle management?
10. Are keys rotated regularly (automatically or manually)?
11. How is key destruction handled?
12. Are encryption keys stored separately from encrypted data?
Save
Submit for Assessment