Basic Concept: Threat modeling for any system, and especially for agentic AI systems with multiple interacting components, begins with understanding the system ' s architecture and where trust boundaries exist. Trust boundaries define where data and control flows cross between components with different trust levels, representing potential attack surfaces. CompTIA SecAI+ Study Guide aligns with STRIDE and MITRE ATLAS threat modeling methodologies.
Why B is Correct: Identifying trust boundaries between components is the foundational first step in threat modeling. Agentic systems often involve multiple components such as the orchestrator, tools, APIs, data sources, and external services with different trust levels. Understanding where these boundaries exist reveals where untrusted inputs cross into trusted components, enabling the architect to systematically identify threats at each boundary before proceeding to risk quantification and control application.
Why A is Wrong: Applying compensating controls based on exposure findings is the final step in threat modeling, occurring after threats have been identified and risks quantified. Controls cannot be appropriately designed without first understanding the system ' s trust boundaries and threat landscape.
Why C is Wrong: Calculating risk to resources based on data sensitivity is a risk assessment step that occurs after trust boundaries are mapped and potential threats are identified. Risk quantification requires knowing what threats exist at each boundary first.
Why D is Wrong: Scanning for OWASP Top 10 vulnerabilities is a technical vulnerability assessment activity. While valuable, it comes after the architectural analysis of trust boundaries and threat identification phases of threat modeling.
