SNCF — Securing Networks with Firepower — Question 319

A network engineer wants to add a third-party threat feed into the Cisco FMC for enhanced threat detection. Which action should be taken to accomplish this goal?

Answer options

• A. Enable Rapid Threat Containment using REST APIs.
• B. Enable Rapid Threat Containment using STIX and TAXII.
• C. Enable Threat Intelligence Director using REST APIs.
• D. Enable Threat Intelligence Director using STIX and TAXII.

Correct answer: D

Explanation

The correct answer is D because enabling Threat Intelligence Director with STIX and TAXII allows for the integration of third-party threat feeds effectively. Options A and B focus on Rapid Threat Containment, which is not the correct approach for this specific integration, while option C suggests using REST APIs for Threat Intelligence Director, which does not support the required threat feed format.