Which of the following is a common security misconfiguration in cloud applications?

In cloud applications, misconfigurations often come from not enforcing secure defaults and access controls. Exposed dashboards happen when admin interfaces are accessible without proper authentication or left publicly reachable, giving attackers a direct route to sensitive controls. Default credentials are a classic pitfall—using well-known or unchanged usernames and passwords makes accounts easy to break into, especially in scalable cloud environments. Overly permissive IAM means granting more permissions than necessary, which enlarges the impact if an account is compromised. Since each of these situations is a common risk you’ll encounter in real deployments, the best choice is that all of these are common misconfigurations. To reduce risk, secure dashboards behind strong authentication and network controls, rotate or disable default credentials, and apply least privilege with regular IAM reviews and automated configuration checks.