In your SAP HCM system, you are implementing structuralauthorizations for your users. What are the characteristics of thisauthorization type? There are 2 correct answers to this question The structural profile determines the accessible object in the organizational structure The structural profile is maintained and assigned to users usingthe Profile Generator The structural profile determines the access mode which theuser can perform The structural profile is maintained and assigned to users usingthe Implementation Guide.
Which of the following are core principles of GDPR? (Choose three.) Lawfulness, Fairness and Transparency Data Archiving
Data Quality
Storage Limitations
Data Minimization.
Why should you create multiple dispatchers in SAP IdentityManagement? There are 2 correct answers to this question. To support fail-over scenarios To accommodate scalability To handle password provisioning To handle special network access requirements.
To enable access between tenant databases, what do you need to do inan SAP HANA system for multitenant database containers? There are 3correct answers to this question. The bi-directional communication channel must be in the allowlist. The INIFILE ADMIN system privilege must be assigned. The user in the source system must be associated with a user inthe target database. . The cross-tenant database communication must be explicitlyactivated. The user in the source system must have sufficient privileges inthe target database.
Which of the following functionalities are supported by SAP InformationLifecycle Management (ILM)? (Choose three.) Data Retention
Data Logging
Data Archiving
Alert Notification Data Destruction.
You have a load balancer in a DMZ network zone (callednatl.mydomain.com) in front of 2 SAP NetWeaver AS systems(hostl.mydomain.com, host2.mydomain.com). What is therecommended common name part of the distinguished name on theSSL Server's PSE? It should be a combined DNS alias for host 1.mydomain.comand host2.mydomain.com and nat1.mydomain.com It should be host 1.mydomain.com, host2.mydornain.comindividually for each PSE It should be *.mydomain.com (wildcard) names It should be natl.mydomain.com.
The SAP HANA database is installed with multi database container(MDC) mode with multiple tenant databases configured. What are therequired activities to enable access between tenants? There are 2correct answers to this question. Decrease the level of isolation mode on all MDC tenants Create user mapping between local and remote tenantdatabases Configure smart data access (SDA) between the relevant HANAtenants Set whitelist of cross-tenant database communication channel.
You are setting up your SAP NetWeaver AS in a SSL client scenario.What are the reasons to choose an "anonymous SSL Client PSE" setup?Note: There are 2 correct answers to this question To use as a container for the list of CAs that the server trusts To support mutual authentication To have an individual identity when accessing a specificapplication To support server-side authentication and data encryption.
How are security relevant objects related in the Cloud Foundry? Thereare 2 correct answers to this question Role Collections have 0 or many roles Role Collections have 0 or many role templates Role Templates have 1 or many scopes Role Templates have 0 or many attributes.
The SSO authentication using X.509 client certificates is configured.Users complain that they can't log in to the back-end system. The tracefile shows the following error message: "HTTP request [2/5/9] Rejectuntrusted forwarded certificate". What is missing in the configuration?There are 2 correct answers to this question. On the back-end, the profile parameter icm/HTTPS/verify clientmust NOT be set to 0 The web dispatcher's SAPSSLC.PSE certificate must be added tothe trusted reverse proxies list inicm/trusted_reverse_proxy_<xx> On the web-dispatcher, the profile parametericm/HTTPS/verify_client must be set to 0 On the web-dispatcher, the SAPSSLS.pse must be signed by atrusted certification authority.
Which measures should we implement to protect the PSEs? There are 2correct answers to this question Restrict access to the opposing system users Review the usage of the S_ADMI_FCD object Review the usage of the S_DATASET object Encrypt the files with the transaction SNC0.
What are the 3 different fields of the S_LOG_COM authorization object? Command
Opsystem Host All the above.
Which of the following events will create security alerts in theCCMSAlert Monitor of SAP Solution Manager? There are 2 correctanswers to this question. Start of reports Changes to the instance profile
Call of RFC functions
Manual table changes.
You want to use Configuration Validation functionality in SAP SolutionManager to check the consistency of settings across your SAPenvironment. What serves as the reference basis for ConfigurationValidation? These are 2 correct answers to this question. A virtual set of manually maintained configuration items A target system in your system landscape A list of recommended notes from RSECNOTE A result list of configuration items from Solution Finder for SAPEarly Watch Alert.
You are using the SAP Web Dispatcher for load-balancing purposes.Which actions are performed by the SAP Web Dispatcher in thisscenario? There are 2 correct answers to this question Validates the user credentials Uses logon groups to determine how to direct requests Checks the current state of the message server. Decrypts the HTTPS request and then selects the server.
You want to configure SNC in a newly-installed AS ABAP based SAPsystem. Besides running SNCWIZARD, what else do you need toperform for this scenario? There are 2 correct answers to this question Enable encrypted HTTP service Manage the PSE Restart the SAP system Set the parameters using sapgenpse.
Which features do SAP HANA SQL-based analytic privileges offercompared to classic XML-based ones? there are 2 correct answers tothis question. Control of read-only access to SQL views . Complex filtering Control of read-only SAP HANA procedures Transportable.
Which of the following describe SAP Fiori Tile Target Mapping? (Choosetwo.) It represents the visual part of a tile. It is defined within an SAP Tile Group. It is part of the SAP Fiori Launchpad configuration. It defines the target application which is launched.
What is the User Management Engine (UME) property "connect onpooling" used for? There are 2 correct answers to this question. To share server resources among requesting LDAP clients To improve performance of requests to the LDAP directoryserver To create a new connect on to the LDAP directory server foreach request To avoid unauthorized request to the LDAP directory server.
What does the SAP Security Optimization Service provide? There are 2correct answers to this question. Configuration checks of SAP systems Analysis of the network configuration Results containing the list of patches that have to be applied. Analysis of the security vulnerabilities within an SAP landscape.
Which of the following accurately describe Solution Managerfunctionality (Choose three) Configuration validation helps to standardize and harmonizesecurity-related configuration items for ABAP systems only SAP SOS self-service is a convenient entry point to introducesecurity monitoring Configuration validation can check if security policies wereapplied SAP EWA provides the most comprehensive security check. System recommendations provide a worklist of potentiallyrelevant security notes.
You are running an SAP HANA database in a multi database container(MDC) mode with a single tenant configured. The global_auditing_stateparameter has been set to "true" on the global.ini. After restarting thesystem and tenant databases, the tenant did not come up. Whenchecking the cause, it was discovered that a tenant configurationparameter has been changed. The audit logging did NOT show anyevents. What could be the reason for this? There are 2 correct answersto this question. The global_auditing_state parameter on the nameserver.ini fileneeds to be activated The configuration parameter was changed from the OS level The audit level was set to INFO The system was offline when the changes were done.
You want to check the custom ABAP codes in your system for securityvulnerabilities and you want to use the Code Vulnerability Analyzer(CVA) for carrying out these extended security checks. What needs tobe done for this purpose? There are 2 correct answers to this question. Run SAP Code Vulnerability Analyzer from the transaction ST01. Run the extended syntax check from the SLIN transaction Run the transaction ST12 to start the analysis Run SAP Code Vulnerability Analyzer from the ABAP Test Cockpit.
You want to configure SNC with X.509 certificates using CommonCryptoLib as the cryptographic library in a new installed AS ABAPsystem. Besides running SNCWIZARD, what do you need to set up forthis scenario? There are 2 correct answers to this question. Set the CCL SNC parameters using sapgenpse Maintain the relevant CCL/SNC/' profile parameters Set the environment variable CCL_ PROFILE to the defaultprofile file path Set the environment variable CCL_ PROFILE to SECUDIR.
Which tasks would you perform to allow increased security for the SAPWeb Dispatcher Web Administration Interface? There are 2 correctanswers to this question Use Secure Socket Layer (SSL) for encrypted access . Use access restrictions to the icm/HTTP/auth_<xx> profileparameter Use subparameter ALLOWPUB = TRUE of the profile parametericm/server_port_<xx> Use a separate port for the administration interface.
You are using the SAP Web Dispatcher for load-balancing purposes.Which actions are performed by the SAP Web Dispatcher in thisscenario? There are 2 correct answers to this question. Authenticates the user's credentials Uses SAP logon groups to determine which requests aredirected to which server Checks current state of the message server Decrypts the HTTPS request and then selects the server.
How does the SAP SSO wizard (transaction SNCWIZARD) simplify theSNC configuration process? It installs the CA certificate response It creates the SNC_LIB environment variable It exports an SNC SAPCRYPTOLIB certificate and imports it intothe partner system It sets the profile parameters for SAP SNC and SPNego in thedefault profile.
What are the key capabilities of Event Analyzer in Enterprise ThreatDetection 1.0? Note: There are 2 correct answers to this question Predictive threat notification Synchronization of user contexts from ABAP Systems Pseudonymize user identities for data protection Baseline detection.
You verified the password of the TMSADM user in your SAP landscapeto be SAP defaulted. You want to reset this password by using programTMS_UPDATE_PWD_OF_TMSADM. What steps would you take to resetthis password? There are 2 correct answers to this question Deactivate the SNC opt on Assign "SAP_ALL" to TMSADM in all systems/clients including000 Run this program in the Domain Controller (client 000) Lock TMSADM in all the system/clients including 000.
What are some characteristics of an SAP HANA multitenant databasesystem (MDC) running in high insolation mode? There are 2 correctanswers to this question. All tenant-specific permissions to access files and directories arerevoked from the <sid>adm user. All tenant-specific file and directory permissions are managedby the SAP HANA system. All tenant databases will share the operating system user andgroup. . The <sid>adm user can access the tenant-specific configurationand trace files.
What are characteristics only valid for the MDC high isolation mode? All internal database communication is secured using SNC Every tenant has its own set of OS users Every tenant has its own set of database users belonging to thesame sapsys group Every tenant has its own set of database users.
What benefits does the SAP Cloud Connector have compared to a 3rdparty reverse proxy solution, when connecting your SAP Cloud Platformwith your SAP backend systems?There are 2 correct answers to thisquestion. It allows for remote invocation by the SAP Cloud Platform only It supports multiple application protocols, such as HTTP and RFC It establishes an SSL VPN tunnel to SAP Cloud Platform It can cache SAP proprietary OData packets to improve theresponse times.
What are characteristics of SAP HANA Deployment Infrastructure (HDI)roles? There are 2 correct answers to this question. They are owned by the user who creates them They are managed by the native HDI version control. They are granted using database procedures They are transportable between systems.
|
