Assume SAP P_SECAUTH_21 Dumps PDF Are going to be The Best Score [Q34-Q51]

October 2, 2022 admin 0 Comments

5/5 - (4 votes)

Assume SAP P_SECAUTH_21 Dumps PDF Are going to be The Best Score

SAP Certified Technology Professional P_SECAUTH_21 Exam and Certification Test Engine

SAP P_SECAUTH_21 Exam Syllabus Topics:

Topic	Details
Topic 1	Describe and implement the authorization concept for SAP Business Suite SAP Netweaver Application Server and Infrastructure Security
Topic 2	Authorization Concept for SAP Business Suite Security Monitoring and Security Auditing
Topic 3	Describe the security goals, data privacy goverance Authorization, Security and Scenarios in SAP HANA
Topic 4	Explain how to secure an SAP system and conduct security checks Explain security and scenarios in SAP Cloud platform

NO.34 What are the characteristics of assertion tickets? Note: There are 2 correct answers to this question.

They are used for user-to-system trusted login

They are used for system-to-system communication

They have an unconfigurable validity of 2 minutes

They are transmitted as cookies

NO.35 How can you protect a table containing sensitive data using the authorization object S_TABU_DIS?

The tables containing sensitive data must be associated with table groups in table TBRG.

The field DICBERCLS of the authorization object must enumerate all table names of the tables containing sensitive data.

Authorization table groups containing tables with sensitive data must be defined in table TDDAT and these must be omitted for all employees who do not need access to these tables

The tables containing sensitive data must be named using the authorization object S_TA BU_NAM for all responsible administrator employees. The fields DICBERCLS of the object S_TABU_DIS can

then be filled with *.

NO.36 Which OData authorizations are required for a user to see business data in the SAP Fiori Launchpad? Note: There are 2 correct answers to this question.

Start authorization in the SAP Fiori front-end system

Access authorization in the SAP Fiori front-end system

Access authorization in the SAP S/4HANA back-end system

Start authorization in the SAP S/4HANA back-end system

NO.37 Which tasks would you perform to allow increased security for the SAP Web Dispatcher Web Administration interface? Note: There are 2 correct answers to this question.

Use a separate port for the content

Use access restrictions with the icm/HTTP/auth_<xx> profile parameter

Use subparameter ALLOWPUB = FALSE of the profile parameter icm/server_port_<xx>

Use Secure Socket Layer (SSL) for password encrypt on

NO.38 You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub). What transaction do you have to use to map a back-end system to one of those roles?

/UI2/GW_SYS_ALIAS

PFCG

SM59

/IWFND/MAINT_SERVICE

NO.39 The SSO authentication using X.509 client certificates is configured. Users complain that they can’t log in to the back-end system. The trace file shows the following error message: “HTTP request [2/5/9] Reject untrusted forwarded certificate”. What is missing in the configuration? Note: There are 2 correct answers to this question.

On the back-end, the profile parameter icm/HTTPS/verify client must NOT be set to 0

On the web-dispatcher, the SAPSSLS.pse must be signed by a trusted certification authority

On the web-dispatcher, the profile parameter icm/HTTPS/verify_client must be set to 0

The web dispatcher’s SAPSSLC.PSE certificate must be added to the trusted reverse proxies list in icm/trusted_reverse_proxy_<xx>

NO.40 Which tool do you use to customize the SAP HANA default password policy? Note: There are 2 correct answers to this question.

SAP HANA Lifecycle Manager

SAP HANA Studio

SAP HANA Cockpit

SAP Web IDE

NO.41 Your customer runs a 3-tier environment You are asked to set up controls around monitoring the sensitive objects (such as programs, user-exits, function modules) in a development system before they are transported to the quality assurance system.
Which table would you maintain to monitor such sensitive objects before executing an import?

TMSCDES

TMSBUFFER

TMSMCONF

TMSTCRI

NO.42 You are running an SAP HANA database in a multi database container (MDC) mode with a single tenant configured. The global_auditing_state parameter has been set to “true” on the global.ini.After restarting the system and tenant databases, the tenant did not come up. When checking the cause, it was discovered that a tenant configuration parameter has been changed. The audit logging did NOT show any events.What could be the reason for this? Note: There are 2 correct answers to this question.

The system was offline when the changes were done

The audit level was set to INFO

The global_auditing_state parameter on the nameserver.ini file needs to be activated

The configuration parameter was changed from the OS level

NO.43 How would you control access to the ABAP RFC function modules? Note: There are 2 correct answers to this question.

O Block RFC Callback Whitelists

O Restrict RFC authorizations

O Deactivate switchable authorization checks

O Implement UCON functionality

NO.44 You want to carry out some preparatory work for executing the SAP Security Optimization Self-service on a customer system. Which of the following steps do you have to execute on the managed systems? Note: There are 2 correct answers to this question.

Install the ST-A/PI plug-in

Configure Secure Network Communications

Configure specific authorizations

Grant operating system access

NO.45 What authorization objects do we need to create job steps with external commands in a background job? Note: There are 2 correct answers to this question.

S_ADMI_FCD

S_LOG_COM

S_RZL_ADM

S_BTCH_EXT

NO.46 How do you check when and by whom profiles were assigned or deleted?

Run report RSUSR008_009_NEW with appropriate filters

Run report RSUSR100 with appropriate filters

Check system trace using transaction ST01

Check security audit log using transact on SM20

NO.47 A system user created a User1 and a schema on the HANA database with some dat a. User2 is developing modelling views and requires access to objects in User1’s schema. What needs to be done?

User1 should grant _SYS_REPO with SELECT WITH GRANT privilege

User2 needs to be granted with the same roles like User1

System user should grant User2 with SELECT privilege to User 1schema

ROLE ADMIN needs to be granted to User2

NO.48 How does the SAP SSO wizard (transaction SNCWIZARD) simplify the SNC configuration process?

It installs the CA certificate response

It exports an SNC SAPCRYPTOLIB certificate and imports it into the partner system

It creates the SNC_LIB environment variable

It sets the profile parameters for SAP SNC and SPNego in the default profile

NO.49 In addition to the authorization /UI2/LAUNCHPAD, which other authorizations are required to assign to an SAP Fiori Launchpad user? Note: There are 2 correct answers to this question.

/U12/INTEROP

/UI2JPAGE_BUILDER_CUST

/UI2/FLC

/U12JPAGE_BUILDER_PERS

NO.50 When re-configuring the user management engine (UME) of an AS Java system, what do you need to consider to change the data source from system database to an ABAP system successfully?

The logon security policy for the existing users is aligned with the logon security policy in the ABAP system.

All users and groups in the system database must have different IDs than existing users and groups in the ABAP system.

You need to import the users from the system database into the ABAP system.

You must manually replace the UME configuration file dataSourceConfiguration_database_only.xmlwith an appropriate dataSourceConfiguration_abap.xmlfile.

NO.51 What are characteristics only valid for the MDC high isolation mode?

Every tenant has its own set of OS users

All internal database communication is secured using SNC

Every tenant has its own set of database users

Every tenant has its own set of database users belonging to the same sapsys group

Loading …