
Answer: Use the AWS Systems Manager Patch Manager capability.
## Explanation

AWS Systems Manager Patch Manager is the correct solution because:

- **Automated Patching**: Patch Manager automates the process of patching managed instances across multiple AWS services (EC2, Lightsail) and hybrid environments (on-premises servers)
- **Least Operational Effort**: Once configured, Patch Manager runs automatically without manual intervention, requiring minimal ongoing operational effort
- **Cross-Platform Support**: Supports Windows and Linux operating systems
- **Centralized Management**: Provides a single interface to manage patching across the entire environment

### Why other options are incorrect:

- **AWS Shield**: A DDoS protection service, not designed for OS/application patching
- **Manual RDP connections**: High operational effort, not automated, and doesn't scale
- **Amazon GuardDuty**: A threat detection service that monitors for malicious activity, not a patching solution

Patch Manager allows you to scan instances for missing patches and apply them according to predefined maintenance windows, making it the most efficient solution for automated security updates.
Author: Ritesh Yadav
A company has an environment that includes Amazon EC2 instances, Amazon Lightsail, and on-premises servers. The company wants to automate the security updates for its operating systems and applications.
Which solution will meet these requirements with the LEAST operational effort?
A. Use AWS Shield to identify and manage security events.

B. Connect to each server by using a remote desktop connection. Run an update script.

C. Use the AWS Systems Manager Patch Manager capability.

D. Schedule Amazon GuardDuty to run on a nightly basis.