CompTIA CASP+ CAS-004 – Question088

A pharmaceutical company recently experienced a security breach within its customer-facing web portal. The attackers performed a SQL injection attack and exported tables from the company's managed database, exposing customer information.
The company hosts the application with a CSP utilizing the IaaS model. Which of the following parties is ultimately responsible for the breach?

A.
The pharmaceutical company
B. The cloud software provider
C. The web portal software vendor
D. The database software vendor

Correct Answer: B