Topic 1 Question 50
A company has a production workload that runs on 1,000 Amazon EC2 Linux instances. The workload is powered by third-party software. The company needs to patch the third-party software on all EC2 instances as quickly as possible to remediate a critical security vulnerability. What should a solutions architect do to meet these requirements?
A. Create an AWS Lambda function to apply the patch to all EC2 instances.
B. Configure AWS Systems Manager Patch Manager to apply the patch to all EC2 instances.
C. Schedule an AWS Systems Manager maintenance window to apply the patch to all EC2 instances.
D. Use AWS Systems Manager Run Command to run a custom command that applies the patch to all EC2 instances.
Comments (17)
The primary focus of Patch Manager, a capability of AWS Systems Manager, is on installing operating systems security-related updates on managed nodes. By default, Patch Manager doesn't install all available patches, but rather a smaller set of patches focused on security. (Ref https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-how-it-works-selection.html)
Run Command allows you to automate common administrative tasks and perform one-time configuration changes at scale. (Ref https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html)
Seems like Patch Manager is meant for OS-level patches and not 3rd-party applications. And this falls under Run Command's wheelhouse to carry out one-time configuration changes (update of 3rd-party application) at scale.
👍 24 tinyfoot 2022/11/12
D. AWS Systems Manager Run Command allows the company to run commands or scripts on multiple EC2 instances. By using Run Command, the company can quickly and easily apply the patch to all 1,000 EC2 instances to remediate the security vulnerability.
Creating an AWS Lambda function to apply the patch to all EC2 instances would not be a suitable solution, as Lambda functions are not designed to run on EC2 instances. Configuring AWS Systems Manager Patch Manager to apply the patch to all EC2 instances would not be a suitable solution, as Patch Manager is not designed to apply third-party software patches. Scheduling an AWS Systems Manager maintenance window to apply the patch to all EC2 instances would not be a suitable solution, as maintenance windows are not designed to apply patches to third-party software.
👍 13 Shasha1 2022/12/13
Selected answer: D
D, Use Run Command to run custom command to apply patch ASAP to a large number of instances
A, not designed to run long-performing tasks
B, automates process of patching instances to latest security updates, but it's timely
C, good choice but not the quickest one
👍 3 pazabal 2022/12/20
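
The Run Command approach the comments settle on, sketched with boto3 as an added example that is not part of the original thread: it builds a tag-targeted `send_command` request with rate control and lists the instances that still need the patch afterwards. The tag key and value, the patch script path and the instance IDs are constructed placeholders.

```python
# Added example: fan a custom patch command out with SSM Run Command (boto3).
# Tag, script path and instance IDs below are constructed placeholders.

def build_patch_request(tag_key, tag_value, commands,
                        max_concurrency="10%", max_errors="2%"):
    """Build keyword arguments for boto3's ssm.send_command."""
    if not commands:
        raise ValueError("no patch commands given")
    return {
        "DocumentName": "AWS-RunShellScript",  # AWS-managed document for Linux
        # Target by tag: InstanceIds takes at most 50 IDs per call,
        # a tag target reaches the whole fleet in one request.
        "Targets": [{"Key": f"tag:{tag_key}", "Values": [tag_value]}],
        "Parameters": {"commands": list(commands), "executionTimeout": ["900"]},
        "MaxConcurrency": max_concurrency,  # share of the fleet patched at once
        "MaxErrors": max_errors,            # stop dispatching once failures exceed this
        "Comment": "emergency third-party patch",
    }

def collect_invocations(ssm, command_id):
    """Page through per-instance results once the command has finished."""
    pages = ssm.get_paginator("list_command_invocations").paginate(CommandId=command_id)
    return [inv for page in pages for inv in page["CommandInvocations"]]

def unpatched(invocations):
    """Instance IDs that did not report Success and still need the fix."""
    return sorted(i["InstanceId"] for i in invocations if i["Status"] != "Success")

# Constructed sample of what list_command_invocations returns per instance.
SAMPLE_INVOCATIONS = [
    {"InstanceId": "i-0000000000000000a", "Status": "Success"},
    {"InstanceId": "i-0000000000000000c", "Status": "TimedOut"},
    {"InstanceId": "i-0000000000000000b", "Status": "Failed"},
]

if __name__ == "__main__":
    request = build_patch_request("Workload", "prod-app", ["sudo /opt/vendor/patch.sh"])
    print(request)
    print(unpatched(SAMPLE_INVOCATIONS))
    # With credentials: ssm = boto3.client("ssm"); ssm.send_command(**request)
```
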