A new zero-day vulnerability was found in OpenSSL requiring the immediate patching of a production web fleet running on Amazon Linux. Currently, OS updates are performed manually on a monthly basis and deployed using updates to the production Auto Scaling Group's launch configuration. Which method should a DevOps Engineer use to update packages in-place without downtime?
A) Use AWS CodePipline and AWS CodeBuild to generate new copies of these packages, and update the Auto Scaling group's launch configuration.
B) Use AWS Inspector to run "yum upgrade" on all running production instances, and manually update the AMI for the next maintenance window.
C) Use Amazon EC2 Run Command to issue a package update command to all running production instances, and update the AMI for future deployments.
D) Define a new AWS OpsWorks layer to match the running production instances, and use a recipe to issue a package update command to all running production instances.
Correct Answer:
Verified
Q41: A company wants to adopt a methodology
Q42: An IT team has built an AWS
Q43: After presenting a working proof of concept
Q44: A company discovers that some IAM users
Q45: A DevOps Engineer is working with an
Q47: A DevOps Engineer must improve the monitoring
Q48: A company is using AWS CodeDeploy to
Q49: A government agency has multiple AWS accounts,
Q50: A healthcare company has a critical application
Q51: A DevOps Engineer needs to deploy a
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents