Answer-first summary for fast verification
Answer: Build new base images when patches are available, and use a CI/CD pipeline to rebuild VMs, deploying incrementally.
The question emphasizes leveraging the elastic nature of cloud computing for Windows VM patching. Option A is optimal because it aligns with cloud-native best practices: building new base images with patches and using CI/CD pipelines for incremental VM rebuilds ensures consistency, reduces drift, and supports automation. This approach is supported by the community consensus (86% upvotes for A) and detailed reasoning, such as avoiding patching individual running instances and using tools like Packer. Option C (Deployment Manager with Instance Groups) is a valid alternative for orchestration but is less comprehensive than A's CI/CD integration. Option B (Domain Controller with Group Policy) is on-premises-centric and contradicts cloud elasticity. Option D (rebooting with startup scripts) is unreliable, as it depends on internet access and lacks idempotency, making it unsuitable for production environments. While some comments mention VM Manager for patching, it is not among the options, and A remains the most robust solution given the available choices.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
A customer has deployed an application on Compute Engine that leverages the elastic nature of the cloud. How can you collaborate with Infrastructure Operations Engineers to ensure that Windows Compute Engine virtual machines are kept updated with the latest operating system patches?
A
Build new base images when patches are available, and use a CI/CD pipeline to rebuild VMs, deploying incrementally.
B
Federate a Domain Controller into Compute Engine, and roll out weekly patches via Group Policy Object.
C
Use Deployment Manager to provision updated VMs into new serving Instance Groups (IGs).
D
Reboot all VMs during the weekly maintenance window and allow the StartUp Script to download the latest patches from the internet.
No comments yet.