1z0-1072-21 Exam QuestionsBrowse all questions from this exam
Go to Exam

1z0-1072-21 Exam - Question 7

You created a virtual cloud network (VCN) with three private subnets. Two of the subnets contain application servers and the third subnet contains a DB System. The application requires a shared file system so you have provisioned one using the file storage service (FSS).

You also created the corresponding mount target in one of the application subnets. The VCN security lists are properly configured so that the application servers can access file storage service (FSS). The security team changed the settings for the DB System to have read-only access to the file system. However, when they went to test this they are unable to access the (FSS).

What change should you make to allow access to (FSS)?

Show Answer
Correct Answer: A

To allow access to the File Storage Service (FSS), create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DB System subnet. This ensures that clients in the DB System subnet have the necessary permissions to access the file system in read-only mode. Without this export option, even if the security lists are properly configured, the file system access will be restricted.

Discussion

5 comments
Sign in to comment
igorifilipovic
Jan 13, 2024

Hm..."The VCN security lists are properly configured so that the application servers can access file storage service (FSS). The security team changed the settings for the DB System to have read-only access to the file system." Clearly something was not done properly. Clearly it is network problem - so or security list for nfs are not using statefull option, or security team didn't deal with nfs export properly. I vote B.

noahsarkOption: A
Jul 12, 2024

Using NFS export option access controls, you can limit clients' ability to connect to the file system and view or write data. For example, if you want to allow clients to consume but not update resources in your file system, you can set access to Read Only. https://docs.oracle.com/en-us/iaas/Content/File/Tasks/exportoptions.htm

BharatDixitOption: B
Jul 13, 2024

I agree with @igorifilipovic. The issue is they are NOT able to access FSS at all this is very important so "A" can NOT be the answer. I go for "B".

SaeedMonem
Aug 14, 2024

I vote for "B" since the scenario says that the security team has change the DB System access to Read-only, which means that have already configured the export options. Accordingly, answer "A" is not valid.

magajmariOption: B
Apr 29, 2025

B is correct