ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified DevOps Engineer - Professional DOP-C02 All Questions

View all questions & answers for the AWS Certified DevOps Engineer - Professional DOP-C02 exam
Go to Exam

Exam AWS Certified DevOps Engineer - Professional DOP-C02 topic 1 question 118 discussion

Exam question from Amazon's AWS Certified DevOps Engineer - Professional DOP-C02
Question #: 118
Topic #: 1
[All AWS Certified DevOps Engineer - Professional DOP-C02 Questions]

A company deploys its corporate infrastructure on AWS across multiple AWS Regions and Availability Zones. The infrastructure is deployed on Amazon EC2 instances and connects with AWS IoT Greengrass devices. The company deploys additional resources on on-premises servers that are located in the corporate headquarters.

The company wants to reduce the overhead involved in maintaining and updating its resources. The company’s DevOps team plans to use AWS Systems Manager to implement automated management and application of patches. The DevOps team confirms that Systems Manager is available in the Regions that the resources are deployed in. Systems Manager also is available in a Region near the corporate headquarters.

Which combination of steps must the DevOps team take to implement automated patch and configuration management across the company’s EC2 instances, IoT devices, and on-premises infrastructure? (Choose three.)

  • A. Apply tags to all the EC2 instances, AWS IoT Greengrass devices, and on-premises servers. Use Systems Manager Session Manager to push patches to all the tagged devices.
  • B. Use Systems Manager Run Command to schedule patching for the EC2 instances, AWS IoT Greengrass devices, and on-premises servers.
  • C. Use Systems Manager Patch Manager to schedule patching for the EC2 instances, AWS IoT Greengrass devices, and on-premises servers as a Systems Manager maintenance window task.
  • D. Configure Amazon EventBridge to monitor Systems Manager Patch Manager for updates to patch baselines. Associate Systems Manager Run Command with the event to initiate a patch action for all EC2 instances, AWS IoT Greengrass devices, and on-premises servers.
  • E. Create an IAM instance profile for Systems Manager. Attach the instance profile to all the EC2 instances in the AWS account. For the AWS IoT Greengrass devices and on-premises servers, create an IAM service role for Systems Manager.
  • F. Generate a managed-instance activation. Use the Activation Code and Activation ID to install Systems Manager Agent (SSM Agent) on each server in the on-premises environment. Update the AWS IoT Greengrass IAM token exchange role. Use the role to deploy SSM Agent on all the IoT devices.
Show Suggested Answer Hide Answer
Suggested Answer: CEF 🗳️
by Jeanphi72 at May 9, 2023, 10:15 a.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
4bed5ff
Highly Voted 1 year, 11 months ago
Selected Answer: CEF
I also choose E instead of B. Why E is correct: "Previously in this post, you created and deployed the SSM Agent component which would have created an IAM service role. Suppose the AWS IoT Greengrass documentation was followed to deploy the SSM agent. In that case, the name of the IAM service role should be SSMServiceRole." Why is B wrong: B is redundant given that answer C calls out Systems Manager Patch Manager which itself uses Systems Manager Run Command. Furthermore Run Command is described here to be used to run automated scripts and not to schedule patching: "we’ll demonstrate how to use Session Manager to open remote login to an edge device, patch them using Patch Manager, and run automated scripts through Run Command" Quotes above are from: https://aws.amazon.com/blogs/mt/how-to-centrally-manage-aws-iot-greengrass-devices-using-aws-systems-manager/?force_isolation=true
upvoted 8 times
...
thanhnv142
Highly Voted 1 year, 2 months ago
CEF: - < implement automated patch> means Systems Manager Patch Manager - < configuration management > means we need install system manager agent - we need to configure sufficient permissions for SSM
upvoted 7 times
...
jamesf
Most Recent 9 months, 1 week ago
Selected Answer: CEF
Systems Manager Patch Manager, System Manager Agent, permission
upvoted 1 times
...
c3518fc
1 year ago
Selected Answer: CEF
By following the combination of steps C, E, and F, the DevOps team can effectively implement automated patch and configuration management across the company's EC2 instances, IoT Greengrass devices, and on-premises infrastructure using AWS Systems Manager's capabilities and best practices.
upvoted 3 times
...
dkp
1 year ago
Selected Answer: CEF
ans is CEF
upvoted 1 times
...
DanShone
1 year, 1 month ago
Selected Answer: CEF
CEF are correct
upvoted 1 times
...
OrganizedChaos25
1 year, 11 months ago
Selected Answer: CEF
CEF are correct
upvoted 1 times
...
2pk
1 year, 11 months ago
Agreed with Parag CEF
upvoted 1 times
...
ParagSanyashiv
1 year, 11 months ago
Selected Answer: CEF
CEF make more sense.
upvoted 1 times
...
Jeanphi72
1 year, 12 months ago
Selected Answer: CEF
I disagree with the solution ... FEC for me
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago