SOA-C02 · Question #604
SOA-C02 Question #604: Real Exam Question with Answer & Explanation
The correct answer is D: Use AWS Systems Manager Patch Manager default patch baselines to keep all the instances. AWS Systems Manager Patch Manager is the purpose-built AWS-native solution for automating OS and software patching across fleets of EC2 instances - it uses default patch baselines, patch groups, and maintenance windows to handle patching at scale with zero manual intervention, de
Question
A company is migrating many on-premises servers to Amazon EC2 instances. The company currently maintains the operating systems and the installed software manually. A SysOps administrator must recommend a solution to automate upgrades to the software and systems on the instances. Which solution will meet this requirement with the MOST operational efficiency?
Options
- AInstall third-party patch management software on an instance. Give the instance SSH access to
- BUse EC2 Instance Connect and SSH to connect to each instance. Configure a cron job to run
- CUse AWS Systems Manager Session Manager to log in to each instance. Configure a cron job to
- DUse AWS Systems Manager Patch Manager default patch baselines to keep all the instances
Explanation
AWS Systems Manager Patch Manager is the purpose-built AWS-native solution for automating OS and software patching across fleets of EC2 instances - it uses default patch baselines, patch groups, and maintenance windows to handle patching at scale with zero manual intervention, delivering maximum operational efficiency.
Why the distractors fail:
- A requires installing and maintaining third-party software on a dedicated instance plus managing SSH access - more operational overhead, not less.
- B requires manually SSHing into each instance to set up cron jobs - this doesn't scale and is error-prone across many servers.
- C replaces SSH with Session Manager (an improvement in access security) but still requires logging into each instance individually to configure cron jobs - same scalability problem as B.
All three distractors share the same flaw: they require per-instance manual work, which defeats the goal of automation at scale.
Memory tip: When an AWS question asks about patching/upgrading EC2 instances with least operational overhead, map it to SSM Patch Manager - it's the "set it and forget it" AWS-native answer. The keyword chain is: fleet patching → Systems Manager → Patch Manager → patch baselines.
Topics
Community Discussion
No community discussion yet for this question.