In the context of AWS Identity and Access Management (IAM) policies, consider the following policy attached to a user or role:

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Deny", "Action": "s3:", "Resource": "arn:aws:s3:::EXAMPLE-BUCKET/private" }, { "Effect": "Allow", "Action": ["s3:PutObject", "s3:GetObject"] "Resource": "arn:aws:s3:::EXAMPLE-BUCKET/*", } ] }

This policy is composed of two statements:

1. A "Deny" statement that applies to all S3 actions on objects within the path "EXAMPLE-BUCKET/private*".
2. An "Allow" statement that permits the s3:PutObject and s3:GetObject actions on all objects within "EXAMPLE-BUCKET/*".

Based on this information, which of the following statements is correct per the given policy?