Final answer:
The true statement about suspending a key is that suspended keys can be reactivated. This is a temporary measure allowing the key to be brought back into use if necessary, and it is not considered a bad practice.
Step-by-step explanation:
The statement 'C. Suspended keys can be reactivated' is true. When it comes to security practices, especially in digital environments like encryption and access management, suspending a key is a temporary measure. It is often done as a precaution or when a key is temporarily not needed, but there is a possibility that it will be needed again in the future. Unlike revocation, suspension does not mean that the key has been permanently disabled. It's more akin to a temporary deactivation, allowing for the possibility to reactivate the key if necessary. Suspended keys also maintain their original expiration date and will eventually expire if not extended. It's also worth noting that suspending keys is not a bad practice; in fact, it's often part of a good key management strategy to temporarily disable keys rather than delete them immediately.
For example, in a computer network, an administrator may suspend a user's access key if they are suspected of engaging in unauthorized activities. Once the investigation is complete, if the user is found innocent, their key can be reactivated and they can regain access to the network.