Option D is the strongest answer because the scenario clearly describes a multi-tenant cloud environment in which the provider failed to properly separate one customer’s resources from another’s. That is the classic problem of insufficient resource isolation . When tenant separation is weak, an attacker can cross boundaries between customer environments, access unauthorized data, and potentially move laterally across shared infrastructure.

This fits the fact pattern far better than the other options. Failure in due diligence concerns poor vendor selection, but the direct technical cause here is not selection error; it is the isolation failure itself. Loss of client control is a general cloud concern but does not specifically explain how the breach occurred. Lack of monitoring may explain why the attack went unnoticed, but it is not the root threat described in the question.

From a CHFI cloud-forensics perspective, investigators must recognize threats linked to multi-tenancy , data segregation failures , and provider-side weaknesses in shared environments. Since the breach affected several accounts because tenant boundaries failed, the correct answer is insufficient resource isolation causing cross-tenant data exposure .