ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified Solutions Architect - Associate SAA-C03 All Questions

View all questions & answers for the AWS Certified Solutions Architect - Associate SAA-C03 exam
Go to Exam

Exam AWS Certified Solutions Architect - Associate SAA-C03 topic 1 question 329 discussion

Exam question from Amazon's AWS Certified Solutions Architect - Associate SAA-C03
Question #: 329
Topic #: 1
[All AWS Certified Solutions Architect - Associate SAA-C03 Questions]

A security audit reveals that Amazon EC2 instances are not being patched regularly. A solutions architect needs to provide a solution that will run regular security scans across a large fleet of EC2 instances. The solution should also patch the EC2 instances on a regular schedule and provide a report of each instance’s patch status.

Which solution will meet these requirements?

  • A. Set up Amazon Macie to scan the EC2 instances for software vulnerabilities. Set up a cron job on each EC2 instance to patch the instance on a regular schedule.
  • B. Turn on Amazon GuardDuty in the account. Configure GuardDuty to scan the EC2 instances for software vulnerabilities. Set up AWS Systems Manager Session Manager to patch the EC2 instances on a regular schedule.
  • C. Set up Amazon Detective to scan the EC2 instances for software vulnerabilities. Set up an Amazon EventBridge scheduled rule to patch the EC2 instances on a regular schedule.
  • D. Turn on Amazon Inspector in the account. Configure Amazon Inspector to scan the EC2 instances for software vulnerabilities. Set up AWS Systems Manager Patch Manager to patch the EC2 instances on a regular schedule.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by Neha999 at Feb. 18, 2023, 2:05 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
elearningtakai
Highly Voted 1 year, 9 months ago
Selected Answer: D
Amazon Inspector is a security assessment service that automatically assesses applications for vulnerabilities or deviations from best practices. It can be used to scan the EC2 instances for software vulnerabilities. AWS Systems Manager Patch Manager can be used to patch the EC2 instances on a regular schedule. Together, these services can provide a solution that meets the requirements of running regular security scans and patching EC2 instances on a regular schedule. Additionally, Patch Manager can provide a report of each instance’s patch status.
upvoted 10 times
...
LuckyAro
Highly Voted 1 year, 10 months ago
Selected Answer: D
Amazon Inspector is a security assessment service that helps improve the security and compliance of applications deployed on Amazon Web Services (AWS). It automatically assesses applications for vulnerabilities or deviations from best practices. Amazon Inspector can be used to identify security issues and recommend fixes for them. It is an ideal solution for running regular security scans across a large fleet of EC2 instances. AWS Systems Manager Patch Manager is a service that helps you automate the process of patching Windows and Linux instances. It provides a simple, automated way to patch your instances with the latest security patches and updates. Patch Manager helps you maintain compliance with security policies and regulations by providing detailed reports on the patch status of your instances.
upvoted 5 times
...
awsgeek75
Most Recent 12 months ago
Selected Answer: D
A handy reference page for such questions is: https://aws.amazon.com/products/security/ Amazon Inspector = vulnerability detection = patching https://aws.amazon.com/inspector/
upvoted 2 times
...
Guru4Cloud
1 year, 3 months ago
Selected Answer: D
dddddddddd
upvoted 2 times
...
Steve_4542636
1 year, 10 months ago
Selected Answer: D
Inspecter is for EC2 instances and network accessibility of those instances https://portal.tutorialsdojo.com/forums/discussion/difference-between-security-hub-detective-and-inspector/
upvoted 2 times
...
TungPham
1 year, 10 months ago
Selected Answer: D
Amazon Inspector for EC2 https://aws.amazon.com/vi/inspector/faqs/?nc1=f_ls Amazon system manager Patch manager for automates the process of patching managed nodes with both security-related updates and other types of updates. http://webcache.googleusercontent.com/search?q=cache:FbFTc6XKycwJ:https://medium.com/aws-architech/use-case-aws-inspector-vs-guardduty-3662bf80767a&hl=vi&gl=kr&strip=1&vwsrc=0
upvoted 3 times
...
jennyka76
1 year, 10 months ago
answer - D https://aws.amazon.com/inspector/faqs/
upvoted 3 times
...
Neha999
1 year, 10 months ago
D as AWS Systems Manager Patch Manager can patch the EC2 instances.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel