Exam AWS Certified SysOps Administrator - Associate topic 1 question 333 discussion

A: I see a "Resource Group" as the same as a "Patch Group", other than it was created by AWS Resource Groups Service. As I see it, both just apply tags to AWS instances. B: I don't see the term "schedule" EVER being used with Patch Manager. I'm of the opinion that a "Maintenance Window" isn't the same thing in this context. C: See the SSM Runbooks for patching "AWS-RunPatchBaseline" D: I couldn't find an SSM Runbook for monitor/control patch states. E: Maintenance Window is Patch Group setting F: I can't find a reference for using Fleet Manager with Patch Manager or run books.

E not correct because it would increase the administrative burden rather than reducing it.B, correct answer Patch Manager helps automate the process of patching managed instances. By creating a patching schedule and targeting the resource groups created in step A, the administrator can ensure that patching is performed consistently and in line with company standards.

A - Patch group B - patch manager policy D - Monitoring This is the best outcome I can see. from clickopsing on the console. I am able to create a patch policy which schedules install and scan activities based on custom cron or daily/weekly. I can deploy these by resource group in the UI. This policy seems to be a better practice than older methods such as run command or ssm baseline/maintenance window. The last point in the document mentions monitoring. I hope that AWS has followed their own documentation on best practices when I answer this in my exam. https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-console.html#:~:text=Verify%20that%20the,and%20investigate%20failures

AAAAAAAAAAAAAACCCCCCCCCCCCCCCCCCEEEEEEEEEEEEE

A: By grouping similar EC2 instances into resource groups, you can easily manage and apply patching configurations and schedules to specific sets of instances. This helps to organize and target the patching process effectively. B: Using Systems Manager Patch Manager, you can create a patching schedule that defines when the patching operations should occur. By specifying the appropriate resource group as the target, you ensure that the patching schedule is applied to the specific group of instances. C: Systems Manager Automation runbooks provide predefined workflows that can automate common operational tasks, such as patching. You can create and register Automation runbooks to handle the patching process for the operating systems on your EC2 instances. By specifying the appropriate resource group as the target for the runbooks, you ensure that the patching is applied to the specific group of instances.