A security analyst is reviewing logs and sees a former employee’s account has been used to access critical information on a private cloud resource. The analyst examines firewall and IPS logs but does not find traffic that is relevant to the breach. Which of the following is the MOST likely source of the compromise?
A. External attack
B. Internal role change
C. External privilege escalation
D. Internal attack
