ExamTopics Logo
Mail Us[email protected]
Menu
Amazon Discussions
exam questions

Exam AWS Certified DevOps Engineer - Professional DOP-C02 All Questions

View all questions & answers for the AWS Certified DevOps Engineer - Professional DOP-C02 exam
Go to Exam

Exam AWS Certified DevOps Engineer - Professional DOP-C02 topic 1 question 236 discussion

Exam question from Amazon's AWS Certified DevOps Engineer - Professional DOP-C02
Question #: 236
Topic #: 1
[All AWS Certified DevOps Engineer - Professional DOP-C02 Questions]

A company uses Amazon EC2 as its primary compute platform. A DevOps team wants to audit the company's EC2 instances to check whether any prohibited applications have been installed on the EC2 instances.

Which solution will meet these requirements with the MOST operational efficiency?

  • A. Configure AWS Systems Manager on each instance. Use AWS Systems Manager Inventory. Use Systems Manager resource data sync to synchronize and store findings in an Amazon S3 bucket. Create an AWS Lambda function that runs when new objects are added to the S3 bucket. Configure the Lambda function to identify prohibited applications.
  • B. Configure AWS Systems Manager on each instance. Use Systems Manager Inventory Create AWS Config rules that monitor changes from Systems Manager Inventory to identify prohibited applications.
  • C. Configure AWS Systems Manager on each instance. Use Systems Manager Inventory. Filter a trail in AWS CloudTrail for Systems Manager Inventory events to identify prohibited applications.
  • D. Designate Amazon CloudWatch Logs as the log destination for all application instances. Run an automated script across all instances to create an inventory of installed applications. Configure the script to forward the results to CloudWatch Logs. Create a CloudWatch alarm that uses filter patterns to search log data to identify prohibited applications.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by getadroit at July 6, 2024, 10:32 p.m.
Disclaimers:
  • - ExamTopics website is not related to, affiliated with, endorsed or authorized by Amazon.
  • - Trademarks, certification & product names are used for reference only and belong to Amazon.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
jamesf
Highly Voted 8 months, 3 weeks ago
Selected Answer: B
keywords: AWS Systems Manage, Systems Manager Inventory, AWS Config rule
upvoted 5 times
...
GripZA
Most Recent 1 week ago
Selected Answer: B
AWS Systems Manager Inventory integrates with AWS Config to record inventory data for historical views, change tracking, or auditing. When you use AWS Config recording for systems inventory data you can enable scenarios such as tracking newly installed or removed software applications, assessing security risks, troubleshooting, and tracking license usage. Additionally, you can create AWS Config Rules to define compliance rules based on inventory data (such as, detecting a blacklisted application) and take remediation action (such as sending email notifications or running an AWS Lambda function to uninstall the application) automatically.
upvoted 1 times
...
limelight04
8 months ago
Selected Answer: B
Option B: Configure AWS Systems Manager on each instance. Use Systems Manager Inventory and create AWS Config rules that monitor changes from Systems Manager Inventory to identify prohibited applications. This approach leverages Systems Manager Inventory and AWS Config to efficiently track and identify prohibited applications while minimizing operational overhead.
upvoted 3 times
...
[Removed]
8 months, 1 week ago
Selected Answer: B
B fir nme
upvoted 4 times
...
tgv
9 months, 2 weeks ago
---> B
upvoted 2 times
...
getadroit
9 months, 3 weeks ago
B https://aws.amazon.com/blogs/mt/preventing-blacklisted-applications-with-aws-systems-manager-and-aws-config/
upvoted 4 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago