[2022] Pass Key features of P_SECAUTH_21 Course with Updated 81 Questions [Q18-Q42]

4.8/5 - (5 votes)

[2022] Pass Key features of P_SECAUTH_21 Course with Updated 81 Questions

P_SECAUTH_21 Sample Practice Exam Questions 2022 Updated Verified

NO.18 What is required when you configure the PFCG role for an end-user on the front-end server? Note: There are 2 correct answers to this question.

The catalog assignment for the start authorization

The S_RFC authorization object for the OData access

The Fiori Launchpad designer assignment

The group assignment to display it in the Fiori Launchpad

NO.19 How does the SAP SSO wizard (transaction SNCWIZARD) simplify the SNC configuration process?

It installs the CA certificate response

It exports an SNC SAPCRYPTOLIB certificate and imports it into the partner system

It creates the SNC_LIB environment variable

It sets the profile parameters for SAP SNC and SPNego in the default profile

NO.20 Insufficient authorization checks might allow A BAP programs to access the PSE files. Which authorization objects should we check to protect the PSEs? Note: There are 2 correct answers to this question.

S_RZL_ADM

S_DATASET

S_ADMI_FCD

S_DEVELOP

NO.21 You have implemented CUA in your organization and you only want to compare the company address data between the central system and child systems to perform the synchronization activities. Which transact on do you use for comparing the company address between these systems?

SCUG

SCUM

SUCOMP

SCUC

NO.22 What are the characteristics of assertion tickets? Note: There are 2 correct answers to this question.

They are used for user-to-system trusted login

They are used for system-to-system communication

They have an unconfigurable validity of 2 minutes

They are transmitted as cookies

NO.23 A user has the authorization to execute SP01. What can this user access with authorization object S_ SPO_ ACT when the ‘Value for Authorization Check’ field is set to “_USER.

All spool requests for all users in the client

All spool requests for users in the same user group

User’s own spool requests

All spool requests for a specific user in the client

NO.24 How can you protect a table containing sensitive data using the authorization object S_TABU_DIS?

The tables containing sensitive data must be associated with table groups in table TBRG.

The field DICBERCLS of the authorization object must enumerate all table names of the tables containing sensitive data.

Authorization table groups containing tables with sensitive data must be defined in table TDDAT and these must be omitted for all employees who do not need access to these tables

The tables containing sensitive data must be named using the authorization object S_TA BU_NAM for all responsible administrator employees. The fields DICBERCLS of the object S_TABU_DIS can

NO.25 How do you handle user “SAP ‘in AS ABAP? Note: There are 3 correct answers to this question.

Remove all authorizations from the user

Lock and expire the user in all clients

Set profile parameter login/no_automatic_user_sapstar to 0

Set profile parameter login/no_automatic_user_sapstar to 1

Lock and expire the user in all clients except 000

NO.26 Which communication methods does the SAP Fiori Launchpad use to retrieve business data? Note: There are 3 correct answers to this question.

HTIP(S)

Trusted RFC

Secure Network Communication (SNC)

Info Access (InA)

Data

NO.27 What authorization object is checked when a user selects an A BAP Web Dynpro application to execute?

S_PROGRAM

S_START

S_TCODE

S_SERVICE

NO.28 What are main characteristics of the Logon ticket throughout an SSO logon procedure? Note: There are 2 correct answers to this question.

The Logon ticket is used for user-to-system communication

The Logon ticket is domain restricted

The Logon ticket has an unconfigurable lifetime validity

The Logon ticket session is held in the working memory

NO.29 You want to check the custom ABAP codes in your system for security vulnerabilities and you want to use the Code Vulnerability Analyzer (CVA) for carrying out these extended security checks. What needs to be done for this purpose? Note: There are 2 correct answers to this question.

Execute transaction ST12 to start the analysis

Execute program RSLIN_SEC_LICENSE_SETUP

Run CVA from the ABAP Test Cockpit

Run CVA from the ABAP Trace

NO.30 Which authorization object controls access to the trusting system between the managed system and SAP Solution Manager?

S_RFCACL

S_RFC

S_SERVICE

S_ ICM

NO.31 For which purpose do you use instance Secure Storage File System (SSFS) in an SAP HANA system? Note: There are 2 correct answers to this question.

To protect the password of the root key backup

To store root keys for data volume encryption

To store the secure single sign-on configuration

To protect the X.509 public key infrastructure certificates

NO.32 Based on your company guidelines you have set the password expiration to 60 days. Unfortunately, there is an RFC user on your SAP system which must not have a password change for 180 days. Which option would you recommend to accomplish such a request?

Change profile parameter login/password_expiration_time to 180

Create a security policy via SECPOL and assign it to tile RFC users

Create additional authorizations for RFC users and assign it to them

Create enhancement spot I user-exit

NO.33 You have configured a Gateway SSO authentication using X.509 client certificates. The configuration of the dual trust relationship between client (browser) and SAP Web Dispatcher as well as the configuration of the SAP Web Dispatcher to accept and forward client certificates were done. Users complain that they can’t log in to the back-end system. How can you check the cause?

Run back-end transaction SMICM and open the trace file

Run back-end system trace using ST12

Run gateway transaction /IWFND/TRACES

Run gateway transaction /IWFND/ ERRORJ.OG

NO.34 Which OData authorizations are required for a user to see business data in the SAP Fiori Launchpad? Note: There are 2 correct answers to this question.

Start authorization in the SAP Fiori front-end system

Access authorization in the SAP Fiori front-end system

Access authorization in the SAP S/4HANA back-end system

Start authorization in the SAP S/4HANA back-end system

NO.35 Where can we store the Security Audit Log events? Note: There are 2 correct answers to this question.

In the database table RSAU_BUF_DATA

In the file system of the application servers

In the SAP Solution Manager system

In a central fi e system

NO.36 The SAP HANA database is installed with multi database container (MDC) mode with multiple tenant databases configured. What are the required activities to enable access between tenants? Note: There are 2 correct answers to this question.

Create user mapping between local and remote tenant databases

Configure smart data access (SDA) between the relevant HANA tenants

Set whitelist of cross-tenant database communication channel

Decrease the level of isolation mode on all MDC tenants

NO.37 You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub). What transaction do you have to use to map a back-end system to one of those roles?

/UI2/GW_SYS_ALIAS

PFCG

SM59

/IWFND/MAINT_SERVICE

NO.38 What reference is used to connect multiple Cloud Connectors to one SAP Cloud Platform subaccount?

System Alias

Location ID

Instance ID

Virtual Host

NO.39 A user reports an issue with data not showing up in the visualization of the SAP Fiori tiles. You want to verify the target mapping. At what level are you going to check the target mapping?

O At the catalog level in the SAP Fiori front-end server

O At the group level in the SAP Fiori front-end server

O At the group level in the SAP Fiori Launchpad

O At the application level in the Web IDE

NO.40 You are using the SAP Web Dispatcher for load-balancing purposes. Which actions are performed by the SAP Web Dispatcher in this scenario? Note: There are 2 correct answers to this question.

Authenticates the user’s credentials

Uses SAP logon groups to determine which requests are directed to which server

Checks current state of the message server

Decrypts the HTTPS request and then selects the server

NO.41 A security consultant has activated a trace via ST01 and is analyzing the authorization error with Return Code 12. What does the Return Code 12 signify?

“Objects not contained in User Buffer”

“No authorizations and does NOT have authorization object in their buffer”

“No authorizations but does have authorization object in their buffer”

“Too many parameters for authorization checks”

NO.42 In your system, you have a program which calls transaction A. Users with access to this program can still execute transaction A without explicit authorizations given to this transaction.
How do you prevent the access of users to the transaction A from within the program?

Make sure you do NOT assign transact on A to the authorization object S_TCODE in the role that you assign to the unauthorized users.

Maintain SE93 with authorization objects for transact on A.

Maintain the check indicator in table TCDCOUPLES

Ensure that transact on A is NOT assigned into the same program authorization group