Which of the following are included in cryptographic key operations under PCI P2PE?

In PCI P2PE, cryptographic key operations cover the full lifecycle of the keys used to protect card data. This means generating the keys, distributing them securely to the devices or systems that will use them, loading or injecting the keys into secure modules, administering the keys (including access control, versioning, revocation, and rotation), and using the keys in actual cryptographic processes. This broad set ensures keys are created securely, provisioned properly, managed throughout their life, and used correctly in encryption and decryption. The other options focus on only a single aspect (like rotation, or storage security) or omit key operations entirely, so they don’t reflect the complete scope defined for PCI P2PE.