SAP P_SECAUTH_21 SAP Certified Technology Professional – System Security Architect Online Training
SAP P_SECAUTH_21 Online Training
The questions for P_SECAUTH_21 were last updated at Dec 19,2024.
- Exam Code: P_SECAUTH_21
- Exam Name: SAP Certified Technology Professional - System Security Architect
- Certification Provider: SAP
- Latest update: Dec 19,2024
In your system, you have a program which calls transaction A. Users with access to this program can still execute transaction A without explicit authorizations given to this transaction.
How do you prevent the access of users to the transaction A from within the program?
- A . Make sure you do NOT assign transact on A to the authorization object S_TCODE in the role that you assign to the unauthorized users.
- B . Maintain SE93 with authorization objects for transact on A.
- C . Maintain the check indicator in table TCDCOUPLES
- D . Ensure that transact on A is NOT assigned into the same program authorization group
You are evaluating the "Cross-client object change" option using transact on SCC4 for your Unit Test Client in the development environment.
Which setting do you recommend?
- A . Changes to repository and cross-client customizing allowed
- B . No changes to repository and cross-client customizing objects
- C . No changes to cross-client customizing objects
- D . No changes to repository objects
You are running an SAP HANA database in a multi database container (MDC) mode with a single tenant configured. The global_auditing_state parameter has been set to "true" on the global.ini.After restarting the system and tenant databases, the tenant did not come up.
When checking the cause, it was discovered that a tenant configuration parameter has been changed. The audit logging did NOT show any events.What could be the reason for this? Note: There are 2 correct answers to this question.
- A . The system was offline when the changes were done
- B . The audit level was set to INFO
- C . The global_auditing_state parameter on the nameserver.ini file needs to be activated
- D . The configuration parameter was changed from the OS level
User1 grants role 1 to user2. Who can revoke role 1 role from user2?
- A . The system OBA user
- B . The owner of role 1
- C . Only User1
- D . Any user with the ‘ROLE ADMIN’ database role
What information constitutes an indirect connection to an individual, in the context of GDPR? Note: There are 3 correct answers to this question
- A . National Identifier
- B . Postal Address
- C . Date of Birth
- D . License plate number
- E . IP Address
What does the SAP Security Optimization Service provide? Note: There are 2 correct answers to this question.
- A . Configuration check of the SAP systems and the SAP middleware components against defined configurations
- B . Results with recommendations on how to resolve identified vulnerabilities without prioritization
- C . Analysis of security vulnerabilities within an enterprise’s SAP landscape to ensure optimal protection against intrusions
- D . Analysis of your operating system, database, and entire SAP system to ensure optimal performance and reliability
Which Object ID is used to integrate Business Rule Framework (BRF+) to Multi Step Multi Process (MSMP) initiator workflow?
- A . Function ID
- B . Application ID
- C . Process ID
- D . Expression ID
What are the characteristics of assertion tickets? Note: There are 2 correct answers to this question.
- A . They are used for user-to-system trusted login
- B . They are used for system-to-system communication
- C . They have an unconfigurable validity of 2 minutes
- D . They are transmitted as cookies
You have Reason Codes already defined.
Which is the correct sequence of steps to configure a Firefighter ID in Emergency Access Management?
- A . Maintain a Firefighter ID for Controllers and Firefighters
Maintain an Owner for a Firefighter ID
Maintain Access Control Owner - B . Maintain an Owner for a Firefighter ID
Maintain a Firefighter ID for Controllers and Firefighters
Maintain Access Control Owner - C . Maintain an Owner for a Firefighter ID
Maintain a Firefighter ID for Controllers and Firefighters
Maintain Access Control Owner - D . Maintain an Owner for a Firefighter ID
Maintain a Firefighter ID for Controllers and Firefighters
Maintain Access Control Owner
A security consultant has activated a trace via ST01 and is analyzing the authorization error with Return Code 12.
What does the Return Code 12 signify?
- A . "Objects not contained in User Buffer"
- B . "No authorizations and does NOT have authorization object in their buffer"
- C . "No authorizations but does have authorization object in their buffer"
- D . "Too many parameters for authorization checks"