After an audit, it was discovered that several cloud storage buckets that should only be accessible by a specific department are publicly accessible. Which of the following is the MOST likely cause of this security issue?
You selected this option
The SSL/TLS certificate for the cloud service has expired.
You selected this option
Network ACLs were incorrectly set, allowing all inbound and outbound traffic.
You selected this option
The access policies for the storage buckets were misconfigured.
You selected this option
Security groups associated with the cloud servers were improperly modified.
Since the cloud storage buckets were meant to be accessible by a specific department only but are publicly accessible, it is likely that the access policies for the storage buckets were misconfigured. The correct configuration should have set the permissions to allow only the specific department access, not the general public. An expired SSL/TLS certificate would affect secure communication, but not the access policy of the storage buckets. Network ACLs and security groups are more related to network traffic control rather than defining access policies for storage buckets.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are access policies in cloud storage?
Open an interactive chat with Bash
How can misconfigured access policies be identified?
Open an interactive chat with Bash
What are the potential risks of public access to cloud storage buckets?