During a security audit, a known vulnerability was discovered in the guest OS of the organization’s large Amazon EC2 fleet. A SysOps Administrator must ensure that this vulnerability is mitigated on time.
What is the MOST efficient way for the Administrator to accomplish this task?

Answer options:

A.Open a case with AWS Support requesting that the deployment of the security patch be prioritized.
B.Deploy the security patch by using AWS Systems Manager for the entire fleet of EC2 instances.
C.Perform a Stop and Start of the EC2 instances to force them to an already-patched state.
D.Have AWS automatically install the security patch during the weekly maintenance window. 

Correct Answer: B
The AWS Documentation mentions the following.
AWS Systems Manager Patch Manager automates the process of patching managed instances with security-related updates. For Linux-based instances, you can also install patches for non-security updates. You can patch fleets of Amazon EC2 instances or your on-premises servers and virtual machines (VMs) by operating system type. This includes supported versions of Windows, Ubuntu Server, Red Hat Enterprise Linux (RHEL), SUSE Linux Enterprise Server (SLES), Amazon Linux, and Amazon Linux 2. You can scan instances to see only a report of missing patches, or you can scan and automatically install all missing patches.
Options A and D are incorrect since patching of the servers is the responsibility of the customer.
Option C is incorrect since the start and stop action will not cause automatic patching.
For more information on the Systems Patch Manager, please visit the below URL-
https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-patch.html