Can anyone clarify the correct configuration for ensuring media streams remain encrypted during high-concurrency load tests to pass our CSA STAR Level II audit requirements? We are running JMeter 5.6.2 against the US1 region with 500 concurrent agents simulating predictive routing scenarios. The test setup involves a simple Architect flow with a single queue and direct SIP trunk integration. During the load spike, we observe that while the signaling path (SIP/SDP) remains secure, the actual RTP media streams occasionally drop encryption flags in the Wireshark captures, specifically when the WebSocket connection pool hits its limit of 200 concurrent sessions per tenant. The error manifests as a compliance gap in our audit report, citing potential exposure of PII in unencrypted audio packets. We have verified that TLS 1.2 is enforced on all API endpoints, and the Architect flow does not contain any data actions that would strip encryption headers. The issue seems to correlate with the /api/v2/architect/flows endpoint returning a 200 OK status, yet the underlying media server appears to fallback to SRTP negotiation failures under heavy load. Is there a specific tenant-level setting or Architect flow configuration that forces strict SRTP enforcement regardless of concurrent call volume? We need to ensure that the media encryption remains intact even when the system is operating at 90% capacity to satisfy the auditor’s requirement for zero-trust media handling.