SOA-C02 Exam QuestionsBrowse all questions from this exam
Go to Exam

SOA-C02 Exam - Question 364

A company's SysOps administrator manages a fleet of hundreds of Amazon EC2 instances that run Windows-based workloads and Linux-based workloads. Each EC2 instance has a tag that identifies its operating system. All the EC2 instances run AWS Systems Manager Session Manager.

A zero-day vulnerability is reported, and no patches are available. The company's security team provides code for all the relevant operating systems to reduce the risk of the vulnerability. The SysOps administrator needs to implement the code on the EC2 instances and must provide a report that shows that the code has successfully run on all the instances.

What should the SysOps administrator do to meet these requirements as quickly as possible?

Show Answer
Correct Answer: A

To meet the requirements as quickly as possible, the SysOps administrator should use AWS Systems Manager Run Command. This service allows the execution of commands on multiple EC2 instances simultaneously, making it efficient for managing a large fleet. Using the AWS-RunShellScript document for Linux and the AWS-RunPowerShellScript document for Windows, the administrator can run the security team's code based on the operating system tags of the instances. This method ensures that the code is executed on the relevant instances without manual intervention. The Run Command history provides a record of the execution, which can be used as evidence to demonstrate that the code has successfully run on all instances.

Discussion

6 comments
Sign in to comment
Christina666Option: A
Jul 29, 2023

Explanation: The AWS Systems Manager Run Command allows the SysOps administrator to execute commands on multiple EC2 instances simultaneously, which is crucial for managing a large fleet of instances efficiently. By using the AWS-RunShellScript or AWS-RunPowerShellScript documents, the SysOps administrator can run the code provided by the security team on both Windows-based and Linux-based instances, as required. The SysOps administrator can specify the operating system tag as a target parameter, ensuring that the code is only executed on the relevant instances, which saves time and prevents errors. AWS Systems Manager keeps a history of Run Command executions, providing an easy way to provide evidence to the security team that the code has successfully run on all instances.

jas26saysOption: A
Jul 21, 2023

You don´t need to re-image your instances, just apply the code with RunCommand.

nizammusasoac02Option: A
Aug 9, 2023

A is for sure

nizammusasoac02Option: A
Aug 15, 2023

run command

trvtrinh
Jul 22, 2023

A Option A is the most efficient and automated way to quickly implement the code on all EC2 instances and provide evidence to the security team. AWS Systems Manager Run Command allows you to run commands on multiple instances simultaneously, making it ideal for fleet management. By choosing the appropriate AWS-RunShellScript (for Linux) or AWS-RunPowerShellScript (for Windows) document, the SysOps administrator can execute the code provided by the security team on the instances based on their operating system tags. The command history provides a record of the execution, and this evidence can be shared with the security team to demonstrate that the code has successfully run on all instances.

eesa
Jun 30, 2024

option A using Systems Manager Run Command is the most efficient and effective way to implement the security code provided by the security team across all EC2 instances and to provide a report or evidence of successful execution to the security team