nerdexam
Cisco

350-701 · Question #47

With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your environment?

The correct answer is D. prevalence. Cisco AMP for Endpoints uses the Prevalence feature to show a list of all executed files in the environment.

Submitted by dimitri_ru· Mar 30, 2026

Question

With Cisco AMP for Endpoints, which option shows a list of all files that have been executed in your environment?

Options

  • Avulnerable software
  • Bfile analysis
  • Cdetections
  • Dprevalence
  • Ethreat root cause

How the community answered

(24 responses)
  • B
    4% (1)
  • C
    4% (1)
  • D
    92% (22)

Why each option

Cisco AMP for Endpoints uses the Prevalence feature to show a list of all executed files in the environment.

Avulnerable software

Vulnerable software identifies applications with known security flaws, not a list of all executed files.

Bfile analysis

File analysis is a deep dive into specific files for malware characteristics, not a comprehensive list of all executed files across the environment.

Cdetections

Detections show files that have been identified as malicious, not all files that have been executed.

DprevalenceCorrect

In Cisco AMP for Endpoints (now Secure Endpoint), the 'Prevalence' feature provides a list of all files that have been observed executing or present across the endpoints in your environment. This dashboard allows security teams to identify both common and rare executables, aiding in anomaly detection and understanding the overall file landscape.

Ethreat root cause

Threat root cause provides a detailed forensic timeline for a specific threat, not a general list of all executed files.

Concept tested: Cisco AMP for Endpoints file visibility

Source: https://docs.amp.cisco.com/en/AMPv6/AdminGuide/html/File%20Prevalence.html

Topics

#Cisco AMP for Endpoints#Endpoint Security#File Visibility

Community Discussion

No community discussion yet for this question.

Full 350-701 Practice