nerdexam
Cisco

350-701 · Question #125

Which Cisco AMP file disposition valid?

The correct answer is B. malware. This question asks to identify a valid file disposition status used by Cisco AMP.

Submitted by mike_84· Mar 30, 2026Endpoint Security

Question

Which Cisco AMP file disposition valid?

Options

  • Apristine
  • Bmalware
  • Cdirty
  • Dnonmalicios

How the community answered

(39 responses)
  • A
    5% (2)
  • B
    92% (36)
  • D
    3% (1)

Why each option

This question asks to identify a valid file disposition status used by Cisco AMP.

Apristine

'Pristine' is not a standard, codified file disposition used by Cisco AMP.

BmalwareCorrect

'Malware' is a valid and commonly used file disposition in Cisco AMP, indicating that a file has been identified as malicious by AMP's analysis engines. Other common dispositions include Clean, Unknown, and Potentially Unwanted Application (PUA).

Cdirty

'Dirty' is not a standard, codified file disposition used by Cisco AMP.

Dnonmalicios

'Nonmalicious' is a descriptive term, but 'Clean' is the specific, codified disposition used by Cisco AMP for files determined to be not malicious.

Concept tested: Cisco AMP File Dispositions

Source: https://docs.amp.cisco.com/en/file_dispositions.html

Topics

#Cisco AMP#File Disposition

Community Discussion

No community discussion yet for this question.

Full 350-701 Practice