According to the CHFI v11 Cloud Computing Threats and Attacks module, a Wrapping Attack (also known as a SOAP wrapping attack ) is a well-documented vulnerability that targets SOAP-based web services commonly used in cloud environments. This attack exploits weaknesses in how XML signatures are validated within SOAP messages.

In a wrapping attack, the adversary intercepts a legitimate SOAP message , duplicates or modifies the message body , and then reinserts it into the SOAP envelope while preserving the original digital signature. Because some SOAP implementations validate only the signature and not the exact structure or position of the message body, the server mistakenly processes the attacker-controlled payload as if it originated from an authenticated user. This allows the attacker to execute unauthorized actions or malicious code within the cloud service.

CHFI v11 explicitly identifies wrapping attacks as a serious threat to cloud-based web services , especially those relying on SOAP and XML security mechanisms. The attack directly aligns with the scenario described: interception, duplication of the SOAP message body, impersonation of a legitimate user, and unauthorized access.

The other options are unrelated: Domain sniffing involves intercepting DNS traffic, cybersquatting targets domain name registration abuse, and domain hijacking involves taking control of a domain. None involve SOAP message manipulation.

Therefore, the cloud-based attack performed in this scenario—fully aligned with CHFI v11 documentation—is a Wrapping attack , making Option D the correct answer.