Exam4Training

SAP P_SECAUTH_21 SAP Certified Technology Professional – System Security Architect Online Training

Question #1

What does the SAP Security Optimization Service provide? Note: There are 2 correct answers to this question.

  • A . Analysis of the security vulnerabilities within an SAP landscape
  • B . Results containing the list of patches that have to be applied.
  • C . Configuration checks of SAP systems
  • D . Analysis of the network configuration

Correct Answer: B,C
Question #2

How do you handle user "SAP*" in AS ABAP? Note: There are 3 correct answers to this question.

  • A . Remove all authorizations from the user
  • B . Lock and expire the user in all clients
  • C . Set profile parameter login/no_automatic_user_sapstar to 0
  • D . Set profile parameter login/no_automatic_user_sapstar to 1
  • E . Lock and expire the user in all clients except 000

Correct Answer: A,B,D
Question #3

You are running a 3-tier SAP system landscape. Each time you are accessing STMS_IMPORT on any of these systems, you are prompted for a TMSADM password.

How can you stop this prompt from appearing?

  • A . Run the report RSUSR405 on the domain controller.
  • B . Reset the TMSADM user’s password on the system you are trying to access STMS_IMPORT.
  • C . Change the TMSADM user’s password directly in the TMS RFC destination in transaction SM59.
  • D . Run the report TMS_UPDATE_PWD_OF_TMSADM on the domain controller.

Correct Answer: D
Question #4

Which users should exist in client 000? Note: There are 2 correct answers to this question

  • A . SAP*
  • B . EARLYWATCH
  • C . SAPCPIC
  • D . TMSADM

Correct Answer: A,B
Question #5

What are the features of the Audit Information System (AIS)? Note: There are 2 correct answers to this question.

  • A . The roles are built from nodes in the Implementation Guide (IMG)
  • B . It can be launched directly using transaction SECR
  • C . It offers two types of audit reports: system and business
  • D . The report selection variables are configured during setup

Correct Answer: C,D
Question #6

A user reports an issue with data not showing up in the visualization of the SAP Fiori tiles. You want to verify the target mapping. At what level are you going to check the target mapping?

  • A . At the catalog level in the SAP Fiori front-end server
  • B . At the group level in the SAP Fiori front-end server
  • C . At the group level in the SAP Fiori Launchpad
  • D . At the application level in the Web IDE

Correct Answer: A
Question #7

Which type of systems can be found in the Identity Provisioning Service landscape? Note: There are 2 correct answers to this question

  • A . Identity Provider
  • B . Source
  • C . Proxy
  • D . Service Provider

Correct Answer: A,B
Question #8

Which of the following user types can be used to log on interactively? Note: There are 2 correct answers to this question

  • A . System
  • B . Dialog
  • C . Communication
  • D . Service

Correct Answer: B,D
Question #9

You want to carry out some preparatory work for executing the SAP Security Optimization Self-service on a customer system.

Which of the following steps do you have to execute on the managed systems? Note: There are 2 correct answers to this question.

  • A . Install the ST-A/PI plug-in
  • B . Configure Secure Network Communications
  • C . Configure specific authorizations
  • D . Grant operating system access

Correct Answer: A,C
Question #10

Which communication methods does the SAP Fiori Launchpad use to retrieve business data? Note: There are 2 correct answers to this question

  • A . OData
  • B . InA
  • C . HOP
  • D . SNC

Correct Answer: B,D

Question #11

In your system, you have a program which calls transaction A. Users with access to this program can still execute transaction A without explicit authorizations given to this transaction.

How do you prevent the access of users to the transaction A from within the program?

  • A . Make sure you do NOT assign transaction A to the authorization object S_TCODE in the role that you assign to the unauthorized users.
  • B . Maintain SE93 with authorization objects for transaction A.
  • C . Maintain the check indicator in table TCDCOUPLES
  • D . Ensure that transaction A is NOT assigned into the same program authorization group

Correct Answer: B
Question #12

You are evaluating the "Cross-client object change" option using transaction SCC4 for your Unit Test Client in the development environment.

Which setting do you recommend?

  • A . Changes to repository and cross-client customizing allowed
  • B . No changes to repository and cross-client customizing objects
  • C . No changes to cross-client customizing objects
  • D . No changes to repository objects

Correct Answer: B
Question #13

You are running an SAP HANA database in a multi database container (MDC) mode with a single tenant configured. The global_auditing_state parameter has been set to "true" on the global.ini. After restarting the system and tenant databases, the tenant did not come up.

When checking the cause, it was discovered that a tenant configuration parameter has been changed. The audit logging did NOT show any events. What could be the reason for this? Note: There are 2 correct answers to this question.

  • A . The system was offline when the changes were done
  • B . The audit level was set to INFO
  • C . The global_auditing_state parameter on the nameserver.ini file needs to be activated
  • D . The configuration parameter was changed from the OS level

Correct Answer: C,D
Question #14

User1 grants role 1 to user2. Who can revoke role 1 from user2?

  • A . The system DBA user
  • B . The owner of role 1
  • C . Only User1
  • D . Any user with the ‘ROLE ADMIN’ database role

Correct Answer: D
Question #15

What information constitutes an indirect connection to an individual, in the context of GDPR? Note: There are 3 correct answers to this question

  • A . National Identifier
  • B . Postal Address
  • C . Date of Birth
  • D . License plate number
  • E . IP Address

Correct Answer: A,D,E
Question #16

What does the SAP Security Optimization Service provide? Note: There are 2 correct answers to this question.

  • A . Configuration check of the SAP systems and the SAP middleware components against defined configurations
  • B . Results with recommendations on how to resolve identified vulnerabilities without prioritization
  • C . Analysis of security vulnerabilities within an enterprise’s SAP landscape to ensure optimal protection against intrusions
  • D . Analysis of your operating system, database, and entire SAP system to ensure optimal performance and reliability

Correct Answer: A,C
Question #17

Which Object ID is used to integrate Business Rule Framework (BRF+) to Multi Step Multi Process (MSMP) initiator workflow?

  • A . Function ID
  • B . Application ID
  • C . Process ID
  • D . Expression ID

Correct Answer: A
Question #18

What are the characteristics of assertion tickets? Note: There are 2 correct answers to this question.

  • A . They are used for user-to-system trusted login
  • B . They are used for system-to-system communication
  • C . They have an unconfigurable validity of 2 minutes
  • D . They are transmitted as cookies

Correct Answer: B,C
Question #19

You have Reason Codes already defined.

Which is the correct sequence of steps to configure a Firefighter ID in Emergency Access Management?

  • A . Maintain a Firefighter ID for Controllers and Firefighters
    Maintain an Owner for a Firefighter ID
    Maintain Access Control Owner
  • B . Maintain an Owner for a Firefighter ID
    Maintain a Firefighter ID for Controllers and Firefighters
    Maintain Access Control Owner
  • C . Maintain an Owner for a Firefighter ID
    Maintain a Firefighter ID for Controllers and Firefighters
    Maintain Access Control Owner
  • D . Maintain an Owner for a Firefighter ID
    Maintain a Firefighter ID for Controllers and Firefighters
    Maintain Access Control Owner

Correct Answer: C
Question #20

A security consultant has activated a trace via ST01 and is analyzing the authorization error with Return Code 12.

What does the Return Code 12 signify?

  • A . "Objects not contained in User Buffer"
  • B . "No authorizations and does NOT have authorization object in their buffer"
  • C . "No authorizations but does have authorization object in their buffer"
  • D . "Too many parameters for authorization checks"

Correct Answer: C

Question #21

How do you check when and by whom profiles were assigned or deleted?

  • A . Run report RSUSR008_009_NEW with appropriate filters
  • B . Run report RSUSR100 with appropriate filters
  • C . Check system trace using transaction ST01
  • D . Check security audit log using transaction SM20

Correct Answer: B
Question #22

Which platform services are available in the Cloud Foundry? Note: There are 2 correct answers to this question

  • A . Commerce
  • B . Integration
  • C . Analytics
  • D . Data Quality

Correct Answer: B,C
Question #23

Which communication protocols are supported by the SAP Cloud Connector? Note: There are 2 correct answers to this question

  • A . NNTP
  • B . LDAP
  • C . SNA
  • D . RFC

Correct Answer: B,D
Question #24

What are the characteristics of HTTP security session management? Note: There are 3 correct answers to this question

  • A . Refers to the session context through the session identifier
  • B . Checks the logon credentials again for every request
  • C . Starts security sessions with a short user-based expiration time
  • D . Deletes security sessions at logoff
  • E . Creates security sessions at logon

Correct Answer: A,D,E
Question #25

What are the key capabilities of Event Analyzer in Enterprise Threat Detection 1.0? Note: There are 2 correct answers to this question.

  • A . Synchronization of user contexts from ABAP Systems
  • B . Predictive threat notification
  • C . Pseudonymize user identities for data protection
  • D . Baseline detection

Correct Answer: C,D
Question #26

Why do you use table logging in AS ABAP?

  • A . To log changes in application data
  • B . To log changes in master data
  • C . To log changes in table technical settings
  • D . To log changes in customizing tables

Correct Answer: D
Question #27

What is the default authentication mechanism in the SAP Cloud Platform?

  • A . X.509 Certificates
  • B . Kerberos
  • C . SAP Logon Tickets
  • D . SAML

Correct Answer: D
Question #28

Which of the 7 core principles of the General Data Privacy Regulation (GDPR) requires thorough documentation of all policies and controls that govern the collection and processing of data?

  • A . Accuracy
  • B . Lawfulness, Fairness and Transparency
  • C . Accountability
  • D . Integrity and Confidentiality

Correct Answer: C
Question #29

What are main characteristics of the Logon ticket throughout an SSO logon procedure? Note: There are 2 correct answers to this question.

  • A . The Logon ticket is used for user-to-system communication
  • B . The Logon ticket is domain restricted
  • C . The Logon ticket has an unconfigurable lifetime validity
  • D . The Logon ticket session is held in the working memory

Correct Answer: A,B
Question #30

Which of the objects do you assign to an SAP Fiori tile to make it visible in the SAP Fiori Launchpad? Note: There are 2 correct answers to this question.

  • A . Group
  • B . Role
  • C . User
  • D . Catalog

Correct Answer: A,D

Question #31

You are reviewing the authorizations for Core Data Services (CDS) views.

How are classic authorizations integrated with CDS authorizations?

  • A . By using the statement AUTHORITY-CHECK in the access control of the CDS view
  • B . By defining access conditions in an access rule for the CDS view
  • C . By assigning the CDS view to the authorization profile in PFCG
  • D . By defining the CDS view in the authorization object in SU21

Correct Answer: B
Question #32

Which authorization object is required to support trusted system access by an RFC user following the configuration of a Managed System in SAP Solution Manager?

  • A . S_RFCACL
  • B . S_ACL_HIST
  • C . S_RFC_TT
  • D . S_RFC_TTAC

Correct Answer: A
Question #33

You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub).

What transactions do you have to use to map a back-end system to one of those roles?

  • A . /UI2/GW_SYS_ALIAS
  • B . /IWFND/MAINT_SERVICE
  • C . SEGW
  • D . PFCG

Correct Answer: B
Question #34

While performing an audit of changes to the system and client change options for your production SAP S/4HANA environment, you receive the following message in transaction SCC4: "No logs found for selected period". How can you correct the problem?

  • A . Maintain parameter rec/client with value ALL
  • B . Maintain parameter rdisp/TRACE with value 3
  • C . Maintain parameter rsau/enable with value 1
  • D . Maintain parameter log-mode with value normal SAP HANA

Correct Answer: A
Question #35

You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub).

What transaction do you have to use to map a back-end system to one of those roles?

  • A . /UI2/GW_SYS_ALIAS
  • B . PFCG
  • C . SM59
  • D . /IWFND/MAINT_SERVICE

Correct Answer: B
Question #36

You want to launch classic SAP GUI transactions directly from the SAP Fiori Launchpad.

Which of the following scenarios do you choose?

  • A . Chrome, SAP Enterprise Portal, SAP GUI for Java
  • B . Chrome, SAP Cloud Platform, SAP GUI for Java
  • C . Internet Explorer, ABAP front-end server, SAP GUI for Windows
  • D . Internet Explorer, SAP Business Client, SAP GUI for Windows

Correct Answer: C
Question #37

You are using the SAP Web Dispatcher for load-balancing purposes.

Which actions are performed by the SAP Web Dispatcher in this scenario? Note: There are 2 correct answers to this question.

  • A . Authenticates the user’s credentials
  • B . Uses SAP logon groups to determine which requests are directed to which server
  • C . Checks current state of the message server
  • D . Decrypts the HTTPS request and then selects the server

Correct Answer: B,C
Question #38

What authorization object is checked when a user selects an ABAP Web Dynpro application to execute?

  • A . S_PROGRAM
  • B . S_START
  • C . S_TCODE
  • D . S_SERVICE

Correct Answer: B
Question #39

Where can we store the Security Audit Log events? Note: There are 2 correct answers to this question.

  • A . In the database table RSAU_BUF_DATA
  • B . In the file system of the application servers
  • C . In the SAP Solution Manager system
  • D . In a central file system

Correct Answer: B,C
Question #40

You want to check the custom ABAP code in your system for security vulnerabilities and you want to use the SAP Code Vulnerability Analyzer to carry out these extended security checks.

What needs to be done for this purpose? Note: There are 2 correct answers to this question

  • A . Run SAP Code Vulnerability Analyzer from the ABAP Test Cockpit
  • B . Run SAP Code Vulnerability Analyzer from the transaction ST01
  • C . Run the transaction ST12 to start the analysis
  • D . Run the extended syntax check from the SLIN transaction

Correct Answer: A,D