Which statement best describes the difference between security intelligence and typical firewall ACLs in preventing malicious traffic?
A. Security intelligence uses a dictionary list of keywords, which, if detected in the data payload, will trigger a security event.
B. Using intelligence feeds that provide IP addresses with known bad reputations, malicious activity is blocked before any other policy-based inspection, analysis, or traffic handling is performed.
C. ACLs provide a more granular ability to control known bad IP addresses that have a poor reputation. Security intelligence feeds are broader in scope.
D. Security intelligence feeds can be used to detect security issues in improperly configured ACLs.
E. ACLs provide superior reflexive ACL entries, based on the known IP address that has a poor reputation, which will automatically be installed in the inspection engine of NGFWs.
