DK_SP_ARCH

What does Enterprise Threat Detection Do? (3 answers). Dashboard Sec Risk Analysis. Predictive notification. Detect (Real Time), Analyze and Neutralize threats. Threat identification and.

Tracing authorizations in ABAP CDS views?. STAUTHTRACE (CDS Views). ST01. SACM. /UI2/FLPCM_CUST.

What is Multitenant Database Containers (MDC) high isolation mode characteristics? (5 answers). Share system users. One System DB and multiple tenant DB's (scale-out system). Shared installation of DB system software. Strong Isolation Features: a) Database Users, b) Database catalog, c) Repository & d) Persistence, backups, traces and diagnosis files. Distinction between tasks performed at system level and those performed at database level. Integration with data center operating procedures.

Which files are used to store default password for SAP Hana? (2 answers). nameserver.ini. indexserver.ini. tenant_database_name. system database.

Your company is running SAP S/4HANA on premise, with the requirement to run the SAP Fiori Launchpad in the SAP Cloud Platform. What would be the recommended scenario for user authentication for internet browser access to the SAP Fiori Launchpad (Default connection method for SAP cloud connector). X.509 Certificate. LDAP. TCP. SAML 2.0.

During audit check/analysis (No changes were found) - Which parameter activates table logging to ensure that SCC4 values or output are captured?. rec/client. rsau_select_events. RZ11.

Which service Offering in SolMan is SAP Security Optimisation under?. Solman then System Administration Optimization. System Recommendation. Configuration Validation on Security. Earlywatch.

Which suite with SAP Security Optimisation service be under?. Through SM_WORKCENTER then it is Change Management Fiori Group. OTHER.

User has access to MM50 but transaction MM01 was called. The company doesn't want to give direct acces to transaction MM01 - what do we do to resolve. Use TCDCOUPLES (SE97) to deactivate calling of MM01. SE93. PFCG. SU24.

Which Standard Users SHOULD exist in client 000 (4 answers). SAP*. TMSADM. DDIC. EARLYWATCH. SAPCPIC. ADMIN.

Which reports / tcodes would you use to audit assigned user profiles through SU01?(2 answers). RSUSR100. RSUSR002. RSUSR008. RSUSR009.

Which modules supports data destruction & business rule management. SAP Information Lifecycle Management (ILM). Identity Lifecycle Management. Business Rules Framework BRF. Security Optimizaton.

SAP_INTERNAL_HANA_SUPPORT (contains System and Object privileges) cannot be assigned to more than 1 user in HANA system. The role can be granted to the SYSTEM user 1. if the users are from SYSTEMDB, increase nameserver.ini [authorization] internal_support_user_limit. 2. if the users are from tenant DB, increase indexserver.ini [authorization] internal_support_user_limit. P_USER_PASSWORD is an internal database table that cannot be accessed by any user, not even the SYSTEM. This is an internal database user used by the SAP Enterprise Performance Management (SAP EPM) application. This is an internal database user. It is the owner of database objects, such as, system tables and monitoring views.

A personal security environment (PSE) is a secure location where the public-key information of a user or component is stored. typical contents of a PSE include the user's public-key certificate, private address book, and private key. Public and private key pair is stored in the SNC PSE (Personal Security Environment). X.509 certificates. JSON web tokens. Securing users in the operating system.

Identify the user types for interactive access?(2 answers). Dialog. Service. System. Communication.

GDPR policies - principles (General Data Protection Regulation)(7 answers). Lawfulness, Fairness and Transparency. Integrity and Confidentiality (Security). Storage Limitation. Accuracy. Purpose Limitation. Data Minimzation. Accountability. Privacy.

For GDPR, which entities indirectly identify a user?(5 answers). National Identifiers. License Number Plates. IP Addresses. MAC Address. Membership Numbers. Postal Address. Email.

For GDPR, which entities directly identify a user?(4 answers). Name. Postal Address. Telephone Number. Email Address. License Number Plates. Membership Numbers.

Which GDPR principle requires documentation of policies?. Accountability. Integrity and Confidentiality (Security). Storage Limitation. Lawfulness, Fairness and Transparency.

"System Recommendation" tile falls under which group in Solman fiori launchpad?. Change Management. Configuration validation. SAP Security Optimization. Computing Center Management System.

Troubleshooting Fiori errors what are the options(2 answers). /IWFND/ERROR_LOG (Frontend System). /IWBEP/ERROR_LOG (Backend System). /UI2/CACHE_DEL. /UI2/FLPCM_CUST.

What is true about SAP ID (Universal ID) service?(2 answers). User base managed by SAP. Configurable Password policy. Non-configurable MFA* for SAP BTP Cockpit and console client access. Configurable User interface.

How is SAP HANA SQL analytics different from classic XML (2 answers). Transportable. Complex filtering. Read Only SQL Commands/Views. Read Only Database procedures/tables.

A user reports an auth error in execution of a transaction TCD. While investigating, TCD is present as a part of S_TCODE. What could be the issue? (2 answers). SU24. SM01 - Lock entries. SE93 - update. Further authorisation pertaining to TCD.

Which service is used for User isolation/authentication (not sure exactly)? Connectivity ?. JDBC. ODBC. OLEDB. HTTP/S.

What is Static and Dynamic parameter assignment within SAP HANA?(2 answers). Static Parameter is fixed and system restart is required (RZ10). Dynamic Parameter are immediately affected in SAP (RZ11 - Examples: sapgui/user_scripting). SE13. SM20.

Within CUA for ALE processing, which job is used for Idoc processing? 2 answers. RBDAPP01. WE20. RBDAUD01. RSECNOTE.

Which UCON phase blocks the access to RFC Function modules without an assigned Communication Assembly?. Activation. Logging. Evaluation. Configuration.

Which parameter needs to be configured to capture log data in the Security Audit Log?. Rsau/enable. rsau/max_diskspace/local. rsau/selection_slots. rsau/table_log.

Where is application log information SLG1 saved?(2 answers). In the location specified by the rau/local/file parameter. In the directory specified by DIR_TRANS parameter. In the directory specified by DIR_LOGGING parameter. In the Database. BALHDR and BALDAT.

Relation between SAP HANA User Groups and Administrators (one to many, many to one)?(3 answers). Every user group can have its own dedicated administrator(s). (Decentralised Admin). A user group can be configured for exclusive administration, which means that only the designated group administrator(s) can manage the users in the group. (protect highly-privileged users or technical users from accidental deletion or manipulation.). Group specific-user configuration is possible. By setting user properties at the group level, you can configure related users quickly and differently to users in other groups. User groups allow you to manage related users together. Group administrators can be assigned to manage individual user groups exclusively and independently of each other.

Which tool do you use to customize the SAP HANA default password policy? 2 answers. SAP HANA COCKPIT. SAP HANA LIFECYCLE MANAGER. SAP HANA STUDIO. SAP WEB IDE.

SAP provides GRC risk analysis for what modules? (2 answers). Access request management. Business Role Management. Process Control. Emergency access.

Which communication protocols supported by SAP Cloud Connector (5 answers). LDAP. RFC. HTTPS. TCP. SNC. X.509. HTTP.

An application deployed on the SAP Cloud Foundry can be protected using the following steps (4 answers). Maintain the xs-security.json with the correct scopes, attributes, role templates, and role collections. Deploy the application to the SAP Cloud Platform. This will make the role collections available in the subaccount, where the application is deployed. Create roles based on the role collection in case you need to maintain attribute values. Maintain mapping between users and user groups in your IdP and maintain the mapping between the user groups from SAML and the role collections from your app, in your SAP Cloud Platform subaccount. SAP Cloud Identity Provisioning Service (IPS) and the OAuth functionality. User accesses the protected Web resource on SP.

Which items are part of a role template? (2 answers). Role collections. Scopes. Attributes.

User Types in SAP NetWeaver AS for Java (4 answers). Technical user - System. Standard - Dialog. Internal Service User. Unknown (only with ABAP datasource) - Communication, Service, Reference. Self Created.

What services are available in Cloud Foundry? (3 answers). Data Quality. Analytics. Integration. Security Services. Workflow Service.

What authorisation object required to secure PSE? (3 answers). S_ADM_FCD. S_RZL_ADM. S_DATASET. S_PATH. S_ARCHIVE.

Which tool does GDPR Mitigation Control and Testing?. SAP Process Control. SAP Access Control. SAP Information Lifecycle Management. SAP Enterprise Threat Detection. Solution Manager. IAG.

What are the characteristics of the SAP_INTERNAL_HANA_SUPPORT catalog role? (2 answers). No role can be granted to it. It has full access to all metadata. Object privileges can be granted to the role. System privileges can be granted to the role.

You want to check the custom ABAP codes in your system for security vulnerabilities and you want to use the SAP Code Vulnerability Analyzer to carry out the extended security checks. (2 answers). Run SAP Code Vulnerability Analyzer from ABAP test cockpit. SAP Code Vulnerability Analyzer from ST01. Run the extended syntax check from SLIN transaction. Run the transaction ST12 to start the analysis.

SAP Information Lifecycle Management fulfills which of the following data privacy requirements?. Access restriction to personal data. Blocking and deletion of personal data. Transparency over the processing of personal data. Information to be provided.

What is the default authentication mechaism for SAP Cloud Platform?. SAML. KERBEROS. X509 CERTIFICATES. SAP LOGON TICKETS.

Where do you manage and configure GDPR?. Process Control. Access Control. IAG. Solution Manager.

What are the 2 systems available in Identity Provisioning systems? (2 answers). Source. Proxy. IDP. SP.