SNCF — Securing Networks with Firepower — Question 198

An administrator configures new threat intelligence sources and must validate that the feeds are being downloaded and that the intelligence is being used within the Cisco Secure Firewall system. Which action accomplishes the task?

Answer options

• A. Look at the connection security intelligence events
• B. Use the source status indicator to validate the usage
• C. View the threat intelligence observables to see the downloaded data
• D. Look at the access control policy to validate that the intelligence is being used

Correct answer: B

Explanation

The correct answer is B because the source status indicator directly indicates whether the threat intelligence feeds are being utilized. Options A and C provide information about events and observables, but they do not confirm usage. Option D looks at policy settings rather than the actual status of the feeds.