A developer is using a third-party cloud service via Web APIs for backup of unencrypted user
photos. The use of this service is invisible to the end user. Incorporation of this service into the
application introduces which potential key security risk?

A.
User data breach on cloud provider’s systems

B.
Breaking backward compatibility

C.
Reflected XSS

D.
Application instability in case of cloud provider outage

Explanation: