The correct answer is A because the attacker is extracting sensitive information by observing indirect signals from shared hardware resources rather than by directly reading the victim’s data. In this case, the clues are co-residency on the same physical host, shared CPU cache behavior, timing analysis, and key extraction. Those are the classic characteristics of a side-channel attack in cloud environments. CHFI v11 includes cloud computing threats and attacks, so candidates are expected to recognize when multitenant resource sharing becomes the attack surface. This is not service hijacking through network sniffing or social engineering, and it is not a wrapping attack involving modified XML or SOAP-style message structures. The forensic significance lies in the fact that the attacker exploited shared infrastructure effects to infer protected data from another tenant’s workload. In cloud security analysis, when a malicious virtual machine is intentionally placed on the same host and hardware side effects are used to recover secrets, the correct classification is a side-channel attack. That is the best fit for the behavior described in the scenario.