350-701 · Question #47
With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your environment?
The correct answer is D. prevalence. Cisco AMP for Endpoints uses the Prevalence feature to show a list of all executed files in the environment.
Question
With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your environment?
Options
- Avulnerable software
- Bfile analysis
- Cdetections
- Dprevalence
- Ethreat root cause
How the community answered
(24 responses)- B4% (1)
- C4% (1)
- D92% (22)
Why each option
Cisco AMP for Endpoints uses the Prevalence feature to show a list of all executed files in the environment.
Vulnerable software identifies applications with known security flaws, not a list of all executed files.
File analysis is a deep dive into specific files for malware characteristics, not a comprehensive list of all executed files across the environment.
Detections show files that have been identified as malicious, not all files that have been executed.
In Cisco AMP for Endpoints (now Secure Endpoint), the 'Prevalence' feature provides a list of all files that have been observed executing or present across the endpoints in your environment. This dashboard allows security teams to identify both common and rare executables, aiding in anomaly detection and understanding the overall file landscape.
Threat root cause provides a detailed forensic timeline for a specific threat, not a general list of all executed files.
Concept tested: Cisco AMP for Endpoints file visibility
Source: https://docs.amp.cisco.com/en/AMPv6/AdminGuide/html/File%20Prevalence.html
Topics
Community Discussion
No community discussion yet for this question.