A company was convinced their cloud implementation was very secure$.$ However, a security audit conducted by a third$-$party cloud security company discovered a vulnerability. Which of the following could have contributed to$,$ or explains, the vulnerability?

Group of answer choices

Since they didn't have physical access, they could not fully test their IaaS implementation.

The vulnerability was most likely due to an oversight by the cloud provider.

They missed an operating system patch in the SaaS implementation they were running.

They failed to clearly understand the responsibility matrix.