Whic of the following objects allows you to restrict which users can distribute a role to another system using an RFC destination? S_USER_AGR S_USER_SYS S_USER_AUT S_USER_STA. Which archiving objct can you use for archiving change documents related to changes with authorizaitons assigned to user? US_PROF US_AUTH US_PASS USJJSER. Where is the application log information (SLG1) saved? In the database In the location specified by the rsau/local/file parameter In the directory specified by DIR_LOGGING parameter In the directory specified by DIR_TRANS. Which values are permitted for the S_BTCH_JOB authorization object? Note: There are 3 correct answers to this question. SHOW RELE 01 (Create) 02 (Change) DELE. In SAP NetWeaver AS Java, the User Management Engine (UME) supports which of the following data sources for storing user data? Java system database Directory /usr/sap ABAP based sap system UDDI provider LDAP directory. What is the purpose of securing sensitive business data? Note: There are 3 correct answer to this question. Reduction of training cost Protection of intellectual property Correctness of data Disruption of software deployment Protection image. A PFCG role can be linked to an SAP Organizational Management structure by which object types? Note: There are 3 correct answer to this question. Job Person Organizational Unit Task Position. Which of the following checks performed for SAProuter by the SAP security optimization service (SOS)? Note: There are 3 correct answer to this question. Secure Network Communication Check Saprouttab Check User Management Check Operation System Access Check Password Check. During maintenance of role you notice that the status text for an authorizaiton object indicates status "Changed New" What does this status text mean? The authorization object was used to create a new authorization because the value contained in SU24 differ from the SAP standard contained in SU25 The authorization object must be maintained again This authorization object has been flagged as critical object The authorization object was used to create a new authorization because the initial configuration of the role change a default value maintained in SU24. What is the main purpose of SAP Access Control, as an enterprise software solution? Manage corporate social media presence Secure authentication for cloud and on-premise Identify security risk and document compliance Deployment of encryption services. Where is the application log information (SLG1) saved? In the location specified by the rsau/local/file parameter In the directory specified by DIR_TRANS parameter In the database In the directory specified by DIR_LOGGING parameter . What information can be provided by an Audit Class? (Choose three.) User Authorizations Dialog Logon RFC/CPIC Logon User Roles Transaction Start . You want to adjust check indicator values for certain authorization objects delivered by SAP. In which of the following
tables should your adjustments be recorded? USOBHASH USOBX USOBT_C USOBX_C . Which of the following correctly describe the SAP Security Optimization Service (SOS) offerings? (Choose three.) Self Service: performed by experienced service engineers Onsite Service: performed by specialists Onsite Service: available with additional costs Remote Service: part of CQC service offering Self Service: all completely automated checks in all SAP systems . Which of the following authorization objects are used to secure the execution of External Commands when defining a
background job step? (Choose two.) S_RZL_ADM S_BTCH_EXT S_LOG_COM S_PROGRAM . In SAP S/4HANA Cloud authorization objects are grouped into which item? Single technical roles Groups Business roles Privileges . Your company uses derived roles. During maintenance of the Plant Manager imparting role, you add a new transaction
to the Menu tab which introduces a new organizational level that will be unique for each of your 150 plants. How will the
new organization level be maintained in the derived roles? All at once using transaction PFCGMASSVAL Automatically using the Copy Data button during maintenance of the imparting role Automatically after generating the profiles of the imparting role and adjusting the derived roles Manually by maintaining each derived role individually . How can you protect a system when you do not want the user assignments for a role to be transported? Restrict import of users in table PRGN_CUST in the target system Restrict import of users in table PRGN_CUST in the development system Restrict access to the user assignment tab in PFCG in the target system Restrict access to the user assignment tab in PFCG in the development system. Which of the following items are addressed by Configuration Validation? (Choose three.) Critical roles Software packages Failed transports RFC logins Database parameters. Which of the following SUIM reports can you use to determine if a user has a segregation of duty violation? (Choose
two.) User Comparison User Level Access Risk Analysis Users by Complex Search Users With Critical Authorizations . Which of the following describe SAP Fiori Tile Target Mapping? (Choose two.) It defines the target application which is launched. It is part of the SAP Fiori Launchpad configuration. It represents the visual part of a tile. It is defined within an SAP Tile Group. You want to turn off the SAP Menu on the Easy Access Menu screen. What administrative function do you need in
Authorization Object S_USER_ADM? SSM_CUST PRGN_CUST USR_CUST USR_CUST_S . In the case of missing OData authorizations, why is it not recommended to maintain S_SERVICE manually within an
SAP Fiori authorization role? (Choose two.) Both front-end and back-end entries are generating the same S_SERVICE authorization object with different
authorization values. Both front-end and back-end entries are generating the same S_SERVICE authorization object with the same
authorization values. The SRV_NAME value of the S_SERVICE authorization object is the name of an OData service. The SRV_NAME value of the S_SERVICE authorization object is the hash value of an OData service. . Which CDS-related repository object types are provided with ABAP CDS? (Choose three.) CDS View Entity Metadata Extensions SQL View Access Control Data Definition . Which of the following are phases in the SAP Audit Management auditing process? (Choose three.) Monitoring Progress Engagement Planning Remediation Analysis Communicating Results Mitigation Review . What are the main features of SAP Enterprise Threat Detection (ETD)? (Choose three.) Monitoring of GDPR compliance Segregation of Duty analysis Forensic investigations Realtime alerts Monitoring of security events . Which of the following accurately describe a Composite Role? (Choose two.) Transactions cannot be deleted from the menu with the authorizations retained. Authorizations are maintained at the single role level. Menus cannot be adjusted as required. User assignment is maintained at the Composite Role level. . Which feature is available in the CommonCryptoLib scenario provided by SAP Security Library? SSL/TLS SPNEGO / ABAP Secure Store and Forward (SSF) Hardware Security Module (HSM) . Where can you enable the Read Access Logging tools? SWI5 SUIM SPRO SICF. Which of the following parameters must be configured to capture log data in the Security Audit Log? rec/client dir_logging rsau/enable rdisp/TRACE . Which UCON phase blocks the access to RFC Function Modules without an assigned Communication Assembly? Logging Configuration Activation Evaluation. Which of the following correctly describe the SAP Security Optimization Service (SOS) offerings? (Choose three.) Self Service: performed by experienced service engineers Onsite Service: performed by specialists Onsite Service: available with additional costs Remote Service: part of CQC service offering Self Service: all completely automated checks in all SAP systems . What is the purpose of securing sensitive business data? (Choose three.) Reduction of training costs Disruption of software deployment
Protection of intellectual property
Protection of image
Correctness of data. Which of the following describes an Authorization Object class? It defines a group of 1 to 10 authorization fields together. It defines the smallest unit against which an authorization check can be run. It defines a logical grouping of authorization objects. It defines authorizations for different authorization objects. . If the OData back-end service is located on a remote back-end, users need which authorization objects to perform the
RFC call on the back-end system? (Choose two.) S_RFC S_RFCACL S_START S_SERVICE. Which of the various protocols can be used to establish secure communication? (Choose three.) From Secure Login Client to Secure Login Server: DIAG/RFC (SNC), HTTPS, RADIUS From Business Explorer to SAP Netweaver: DIAG/RFC (SNC), HTTPS (SSL) From SAP GUI to SAP Netweaver: DIAG/RFC (SNC) From Secure Login Server to SAP Netweaver: RFC (SNC) From Secure Login Server to LDAP Server: HTTPS (SSL) . Which of the following allows you to improve the quality of your enterprise data assets with consistent data validation
rules, data profiling and metadata management? SAP Data Services SAP Information Steward SAP Information Lifecycle Management SAP Process Control. Which application allows a role developer to perform the mass maintenance of menu options from selected SAP Fiori PRGN_COMPARE_ROLE_MENU PRGN_CREATE_FIORI_BACKENDROLES PRGN_PRINT_AGR_MENU PRGN_CREATE_FIORI_FRONTENDROLE. In SAP NetWeaver AS Java, the User Management Engine (UME) supports which of the following data sources for
storing user data? (Choose three.)
Java system database Directory /usr/sap LDAP Directory UDDI provider ABAP-based SAP system. Which transaction code allows you to configure the SAP Security Audit Log? SM19 SM20 SM18 SUIM. Which transaction codes are relevant to enable SNC between ABAP systems? Note: There are 3 correct
answers to this question. SNC0 PFCG RZ10 STRUST SU01. Which is the frequency of SAP Patch day? Yearly Quarterly Weekly Monthly. Which of the following authorization objects are used to secure the execution of External Commands
when defining a background job step? Note: There are 2 correct answers to this question. S_RZL_ADM S_BTCH_EXT S_LOG_COM S_PROGRAM. Which of the following allows you to improve the quality of your enterprise data assets with consistent
data validation rules, data profiling and metadata management? SAP Data Services SAP Information Steward SAP Information Lifecycle Management SAP Process Control. What is the purpose of securing sensitive business data? Note: There are 3 correct Answers to this
question. Reduction of training costs Disruption of software deployment Protection of intellectual property Protection of image Correctness of data.
What is the purpose of SAP Notes listed by SAP Solution Manager System Recommendations? Note:
There are 2 correct answers to this question. To recommend Legal Change Notes related to SAP innovations To recommend Performance Notes to improve system response To recommend SAP Hot News Notes (priority 1 and 2) To recommend SAP Security Notes for evaluation. Which authorization object is required to modify authorization data of derived roles? S_USER_SYS S_USER_AUT S_USER_VAL S_USER_AGR. Your company uses derived roles. During maintenance of the Plant Manager imparting role, you add a
new transaction to the Menu tab which introduces a new organizational level that will be unique for
each of your 150 plants. How will the new organization level be maintained in the derived roles? All at once using transaction PFCGMASSVAL Automatically using the Copy Data button during maintenance of the imparting role Automatically after generating the profiles of the imparting role and adjusting the derived roles Manually by maintaining each derived role individually.
|