Amazon DOP-C02 Exam - Topic 2 Question 7 Discussion

Actual exam question for Amazon's DOP-C02 exam

Question #: 7
Topic #: 2

A company runs an application with an Amazon EC2 and on-premises configuration. A DevOps engineer needs to standardize patching across both environments. Company policy dictates that patching only happens during non-business hours.

Which combination of actions will meet these requirements? (Choose three.)

AAdd the physical machines into AWS Systems Manager using Systems Manager Hybrid Activations.

BAttach an IAM role to the EC2 instances, allowing them to be managed by AWS Systems Manager.

CCreate IAM access keys for the on-premises machines to interact with AWS Systems Manager.

DRun an AWS Systems Manager Automation document to patch the systems every hour.

EUse Amazon EventBridge scheduled events to schedule a patch window.

FUse AWS Systems Manager Maintenance Windows to schedule a patch window.

Show Suggested Answer

Suggested Answer: A, B, F

by Kirk at May 27, 2023, 08:46 PM

Limited Time Offer

25%

Off

Get Premium DOP-C02 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Caprice

4 months ago

I disagree with D, running it every hour seems excessive.

upvoted 0 times

...

Edna

4 months ago

F is the best way to handle maintenance windows, no doubt!

upvoted 0 times

...

Pamella

4 months ago

Wait, can you really use IAM access keys for on-prem machines? Sounds risky.

upvoted 0 times

...

Erasmo

4 months ago

I think E is a must too for scheduling.

upvoted 0 times

...

Alline

4 months ago

Definitely A and B are needed for management!

upvoted 0 times

...

Yolando

5 months ago

I practiced a similar question, and I think adding physical machines into Systems Manager is important, but I’m uncertain about the frequency of the patching.

upvoted 0 times

...

Aretha

5 months ago

I feel like using Maintenance Windows is the right approach for scheduling patches, but I can't recall if EventBridge is also necessary.

upvoted 0 times

...

Mariann

5 months ago

I think we definitely need to attach an IAM role to the EC2 instances. That seems like a crucial step for management.

upvoted 0 times

...

Glenn

5 months ago

I remember we discussed using AWS Systems Manager for patching, but I'm not sure if we need to create IAM access keys for on-premises machines.

upvoted 0 times

...

Tamra

5 months ago

I think the real-time scan would consume the most resources since it's constantly monitoring the system for threats.

upvoted 0 times

...

Aaron

5 months ago

Okay, I think I've got a strategy here. I'll focus on looking for the statement that indicates the security threats are becoming more advanced or complex.

upvoted 0 times

...

Charlie

5 months ago

I'm a little confused by this question. The Product Owner has a lot of responsibilities, and I'm not entirely sure which ones are included or excluded. I'll have to review my notes and try to eliminate the options that don't seem to fit.

upvoted 0 times

...

Carli

5 months ago

I'm feeling confident about this one. When an email is from a safelist domain, the antivirus scanning process is usually skipped, as the email is considered low-risk. I'll select option B.

upvoted 0 times

...