SAP ITGC - Authorization concept
COMMENTS |
STATISTICS |
RECORDS
|
Title of test: SAP ITGC - Authorization concept Description: SAP IT General controls - Authorization concept |
Nuevo Comentario| New Comment |
|---|
NO RECORDS |
|
What checks are done when running a transaction. Check object S_TCODE. Authority check (ABAP code). User login & password. Check all authorization objects which are required by the transaction. Check the first authorization only. If the transaction is locked. What transaction is used for running SAP programs. RUN_TRANSACTION. PFCG. SA38. EXECUTE_ (+ the program name to run). SE38. What is the most correct order of the authorization concept hierarchy. Profile->activity group-> authorization->field->value. Role->profile->authorization-> field->value. Activity group->profile-> authorization object->field->value. Composite profile->profile->role->authorization object->field->value. What activities are normally tested when “active” access is checked. 01. 02. 03. 04. 05. * (star). What are possible user types : Service. Server. Communication. Dialog. Interface. Read-only. How can one possibly lower the security of the authorization concept. Switching off authorization objects. Removal of authorization objects check (in SU24). Granting access to locking/unlocking transactions to end-users. Using * instead of current value listing. Which of the following are standard sensitive profiles. SAP_ALL. SAP_NEW. Z.SAP_ALL. S_A.SYSTEM. S_A.ADMIN. The user master record is valid in: Client. Instance. Company code. Plant. |