P_SECAUTH_21 Online Practice Questions and Answers

Why do you use table logging in AS ABAP?

A. To log changes in application data

B. To log changes in master data

C. To log changes in table technical settings

D. To log changes in customizing tables

A user has the authorization to execute SP01. What can this user access with authorization object S_ SPO_ ACT when the 'Value for Authorization Check' field is set to "_USER?

A. All spool requests for all users in the client

B. All spool requests for users in the same user group

C. User's own spool requests

D. All spool requests for a specific user in the client

Which tool do you use to customize the SAP HANA default password policy? Note: There are 2 correct answers to this question.

A. SAP HANA Lifecycle Manager

B. SAP HANA Studio

C. SAP HANA Cockpit

D. SAP Web IDE

Your customer runs a 3-tier environment You are asked to set up controls around monitoring the sensitive objects (such as programs, user-exits, function modules) in a development system before they are transported to the quality assurance system.

Which table would you maintain to monitor such sensitive objects before executing an import?

A. TMSCDES

B. TMSBUFFER

C. TMSMCONF

D. TMSTCRI

You have configured a Gateway SSO authentication using X.509 client certificates. The configuration of the dual trust relationship between client (browser) and SAP Web Dispatcher as well as the configuration of the SAP Web Dispatcher to

accept and forward client certificates were done. Users complain that they can't log in to the back-end system.

How can you check the cause?

A. Run back-end transaction SMICM and open the trace file

B. Run back-end system trace using ST12

C. Run gateway transaction /IWFND/TRACES

D. Run gateway transaction /IWFND/ ERRORJ.OG

In your SAP HCM system, you are implementing structural authorizations for your users. What are the characteristics of this authorization type? Note: There are 2 correct answers to this question.

A. The structural profile is maintained and assigned to users using the Profile Generator

B. The structural profile determines the access mode which the user can perform

C. The structural profile is maintained and assigned to users using the Implementation Guide

D. The structural profile determines the accessible object in the organizational structure

You are evaluating the "Cross-client object change" option using transact on SCC4 for your Unit Test Client in the development environment.

Which setting do you recommend?

A. Changes to repository and cross-client customizing allowed

B. No changes to repository and cross-client customizing objects

C. No changes to cross-client customizing objects

D. No changes to repository objects

What is the User Management Engine (UME) property "connect on pooling" used for? Note: There are 2 correct answers to this question.

A. To improve performance of requests to the LDAP directory server

B. To avoid unauthorized request to the LDAP directory server

C. To create a new connect on to the LDAP directory server for each request

D. To share server resources among requesting LDAP clients

In your system, you have a program which calls transaction A. Users with access to this program can still execute transaction A without explicit authorizations given to this transaction. How do you prevent the access of users to the transaction A from within the program?

A. Make sure you do NOT assign transact on A to the authorization object S_TCODE in the role that you assign to the unauthorized users.

B. Maintain SE93 with authorization objects for transact on A.

C. Maintain the check indicator in table TCDCOUPLES

D. Ensure that transact on A is NOT assigned into the same program authorization group

To prevent session fixation and session hijacking attacks, SAP's HTTP security session management is highly recommended. What are the characteristics of HTTP security session management? Note: There are 2 correct answers to this question.

A. It uses URLs containing sap-context d to identify the security session

B. The system is checking the logon credentials again for every request

C. The security sessions are created during logon and deleted during logoff.

D. The session identifier is a reference to the session context transmitted through a cookie.

The SAP HANA database is installed with multi database container (MDC) mode with multiple tenant databases configured.

What are the required activities to enable access between tenants? Note: There are 2 correct answers to this question.

A. Create user mapping between local and remote tenant databases

B. Configure smart data access (SDA) between the relevant HANA tenants

C. Set whitelist of cross-tenant database communication channel

D. Decrease the level of isolation mode on all MDC tenants

Which communication methods does the SAP Fiori Launchpad use to retrieve business data? Note: There are 3 correct answers to this question.

A. HTIP(S)

B. Trusted RFC

C. Secure Network Communication (SNC)

D. Info Access (InA)

E. Data

Which data source needs to be integrated into SAP Identity Management via the Virtual Directory Server (VOS)?

A. AS ABAP

B. AS Java

C. LDAP

D. SAP HCM

What are characteristics only valid for the MDC high isolation mode?

A. Every tenant has its own set of OS users

B. All internal database communication is secured using SNC

C. Every tenant has its own set of database users

D. Every tenant has its own set of database users belonging to the same sapsys group

Which features does the SAP Router support? Note: There are 2 correct answers to this question.

A. Balancing the load to ensure an even distribution across the back-end servers

B. Terminating, forwarding and (re)encrypting requests, depending on the SSL configuration

C. Password-protecting connections from unauthorized access from outside the network

D. Controlling and logging network connections to SAP systems