🔥 40% Off Crucial Exams Memberships — This Week Only

2 days, 12 hours remaining!
Crucial Exams

ISC2 Systems Security Certified Practitioner (SSCP) Practice Question

Your company runs hundreds of Amazon EC2 instances in several AWS accounts. A critical vulnerability in OpenSSL has been disclosed, and security policy requires that all affected Linux instances be patched within 24 hours and that management receive a compliance report showing which hosts were updated successfully. Which approach best meets these requirements while minimizing manual effort?

  • Add an inbound rule to every EC2 security group that blocks TCP port 443 traffic until the vendor releases an automatic fix for the vulnerability.

  • Rebuild golden Amazon Machine Images (AMIs) with the patched OpenSSL library and roll them out by forcing Auto Scaling groups in each account to perform an instance refresh.

  • Manually SSH into each EC2 instance using a bastion host and run the distribution's package manager to install the updated OpenSSL package.

  • Use AWS Systems Manager Patch Manager with a centrally shared patch baseline and a maintenance window to deploy the OpenSSL update and produce compliance reports across all accounts.

ISC2 Systems Security Certified Practitioner (SSCP)
Systems and Application Security
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot