Which of these is an example of an external threat to cloud security?

Denial of Service (DoS) attacks are considered an external threat to cloud security because they originate from outside an organization's network and target cloud-based resources, like web applications or services. These attacks aim to disrupt the availability of services by overwhelming the targeted system with traffic, ultimately preventing legitimate users from accessing the resources.

In the broader context of cloud security, external threats stem from malicious actors working outside the organization's infrastructure, attempting to exploit vulnerabilities or overload services. In contrast, the other options relate more to internal issues or risks that arise from within an organization or result from poor management practices rather than direct external adversarial actions. Server misconfigurations and software bugs typically result from internal oversight, while data leaks due to negligence involve mishandling sensitive information.