ExamTopics Logo
Mail Us[email protected]
Menu
Oracle Discussions
exam questions

Exam 1z0-1072-21 All Questions

View all questions & answers for the 1z0-1072-21 exam
Go to Exam

Exam 1z0-1072-21 topic 1 question 7 discussion

Actual exam question from Oracle's 1z0-1072-21
Question #: 7
Topic #: 1
[All 1z0-1072-21 Questions]

You created a virtual cloud network (VCN) with three private subnets. Two of the subnets contain application servers and the third subnet contains a DB System. The application requires a shared file system so you have provisioned one using the file storage service (FSS).
You also created the corresponding mount target in one of the application subnets. The VCN security lists are properly configured so that the application servers can access file storage service (FSS). The security team changed the settings for the DB System to have read-only access to the file system. However, when they went to test this they are unable to access the (FSS).
What change should you make to allow access to (FSS)?

  • A. Create an NFS export option that allows READ_ONLY access where the source is the CIDR range of the DB System subnet.
  • B. Modify the security list associated with the subnet where the mount target resides. Change the ingress rules corresponding to the DB System subnet to be stateful.
  • C. Create an instance principal for the DB System. Write an Identity and Access Management (IAM) policy that allows the instance principal read-only access to the file storage service.
  • D. Modify the security list associated with the subnet where the mount target resides. Change the ingress rules corresponding to the DB System subnet to be stateless.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by igorifilipovic at Jan. 13, 2023, 9:16 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
SaeedMonem
5 months, 3 weeks ago
I vote for "B" since the scenario says that the security team has change the DB System access to Read-only, which means that have already configured the export options. Accordingly, answer "A" is not valid.
upvoted 1 times
...
BharatDixit
6 months, 3 weeks ago
Selected Answer: B
I agree with @igorifilipovic. The issue is they are NOT able to access FSS at all this is very important so "A" can NOT be the answer. I go for "B".
upvoted 1 times
...
noahsark
6 months, 3 weeks ago
Selected Answer: A
Using NFS export option access controls, you can limit clients' ability to connect to the file system and view or write data. For example, if you want to allow clients to consume but not update resources in your file system, you can set access to Read Only. https://docs.oracle.com/en-us/iaas/Content/File/Tasks/exportoptions.htm
upvoted 2 times
...
igorifilipovic
1 year ago
Hm..."The VCN security lists are properly configured so that the application servers can access file storage service (FSS). The security team changed the settings for the DB System to have read-only access to the file system." Clearly something was not done properly. Clearly it is network problem - so or security list for nfs are not using statefull option, or security team didn't deal with nfs export properly. I vote B.
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago