Amazon Exam SCS-C02 Topic 4 Question 45 Discussion

Actual exam question for Amazon's SCS-C02 exam

Question #: 45
Topic #: 4

For compliance reasons a Security Engineer must produce a weekly report that lists any instance that does not have the latest approved patches applied. The Engineer must also ensure that no system goes more than 30 days without the latest approved updates being applied

What would the MOST efficient way to achieve these goals?

AUse Amazon inspector to determine which systems do not have the latest patches applied, and after 30 days, redeploy those instances with the latest AMI version

BConfigure Amazon EC2 Systems Manager to report on instance patch compliance and enforce updates during the defined maintenance windows

CExamine IAM CloudTrail togs to determine whether any instances have not restarted in the last 30 days, and redeploy those instances

DUpdate the AMls with the latest approved patches and redeploy each instance during the defined maintenance window

Show Suggested Answer

Suggested Answer: B

Amazon EC2 Systems Manager is a service that helps you automatically collect software inventory, apply OS patches, create system images, and configure Windows and Linux operating systems3.You can use Systems Manager to report on instance patch compliance and enforce updates during the defined maintenance windows4. The other options are either inefficient or not feasible for achieving the goals.

by Mary at May 04, 2025, 12:28 AM

Limited Time Offer

25%

Off

Get Premium SCS-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!