What is the focus of threat modeling in information warfare?

• A. Identifying staff training needs
• B. Identifying potential threats and vulnerabilities
• C. Evaluating the physical security of assets
• D. Assessing financial risks of operations

Answer: (B)

Threat modeling focuses on discovering what could go wrong by identifying what you are protecting, who might attack, what they could do, and where weaknesses lie. It is a planning activity that zeroes in on potential threats and the vulnerabilities that could be exploited, providing the basis for prioritizing mitigations and design changes. In information warfare, this means analyzing adversaries, their objectives and methods, and the attack surfaces of information systems to forecast likely attack paths and strengthen defenses accordingly. While other security concerns like staff training, physical security, or financial risk are important parts of overall risk management, they don’t capture the core aim of threat modeling, which is to map threats to vulnerabilities and prioritize defenses.