What change should be implemented for a DB System to have read-only access to a file system?

The correct choice involves creating an NFS export option that allows read-only access from the DB System's CIDR. This option is appropriate because Network File System (NFS) enables sharing of files and directories over a network. By setting the NFS export with a READ_ONLY access option, you can effectively control how the DB System interacts with the file system. This ensures that while the DB System can read the files, it cannot modify or write to them, thereby maintaining data integrity and security.

Implementing this change is vital in environments where data consistency is critical, as it prevents unintended modifications by the DB System. Additionally, configuring the access based on the DB System’s CIDR ensures that only the designated system can access the shared file system, enhancing security by limiting exposure to other networks or unauthorized applications.

In contrast, other choices do not appropriately address the requirement for read-only access in the context of file sharing via NFS. For instance, changing permissions using the Unix chmod command would affect file system permissions directly on the host instead of through NFS management. Ensuring read and write permissions contradicts the need for read-only access, and updating app servers to restrict access does not directly configure the DB System’s access to the file system itself.