March Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

P_SECAUTH_21 Exam Dumps - SAP Certified Technology Professional - System Security Architect

Question # 4

Which of the following user types can be used to log on interactively? Note: There are 2 correct answers to this question

A.

System

B.

Dialog

C.

Communication

D.

Service

Full Access
Question # 5

What are main characteristics of the Logon ticket throughout an SSO logon procedure? Note: There are 2 correct answers to this question

A.

The Logon ticket is not domain restricted

B.

The Logon ticket session is held in the working memory

C.

The Logon ticket is sued for user-to-system communication

D.

The Logon ticket is always set to client 000

Full Access
Question # 6

User1 grants role 1 to user2. Who can revoke role 1 role from user2?

A.

The system OBA user

B.

The owner of role 1

C.

Only User1

D.

Any user with the 'ROLE ADMIN' database role

Full Access
Question # 7

The SAP HANA database has its parameters configured with its default values. How can the SAP_INTERNAL_HA NA_SUPPORT catalog role be used?

A.

The role can be granted to another role (nested)

B.

The role can be granted to multiple users at a time

C.

The role can be granted only with system privileges

D.

The role can be granted to the SYSTEM user

Full Access
Question # 8

Insufficient authorization checks might allow A BAP programs to access the PSE files. Which authorization objects should we check to protect the PSEs? Note: There are 2 correct answers to this question.

A.

S_RZL_ADM

B.

S_DATASET

C.

S_ADMI_FCD

D.

S_DEVELOP

Full Access
Question # 9

How can you describe static and dynamic assignments? Note: There are 2 correct answers to this question

A.

Static assignments occur at runtime

B.

Dynamic assignments are based on scope values

C.

Dynamic assignments are based on attribute values

D.

Static assignments are set up via the Cloud Cockpit

Full Access
Question # 10

You are reviewing the authorizations for Core Data Services (CDS) views. How are classic authorizations integrated with CDS authorizations?

A.

By using the statement AUTHORITY-CHECK in the access control of the CDS view

B.

By defining access conditions in an access rule for the CDS view

C.

By assigning the CDS view to the authorization profile in PFCG

D.

By defining the CDS view in the authorization object in SU21

Full Access
Question # 11

You are running a 3-tier SAP system landscape. Each time you are accessing STMS_IMPORT on any of these systems, you are prompted for a TMSADM password. How can you stop this prompt from appearing?

A.

Run the report RSUSR405 on the domain controller.

B.

Reset the TMSADM user's password on the system you are trying to access STMS_ IMPORT.

C.

Change the TMSA DM user's password directly in the TMS RFC destination in transact on SM59.

D.

Run the report TMS_ UPDATE_PWD_OF_TMSADM on the domain controller.

Full Access
Question # 12

Which of the following events will create security alerts in the CCMS Alert Monitor of SAP Solution Manager? Note: There are 2 correct answers to this question.

A.

Manual table changes

B.

Changes to the instance profile

C.

Call of RFC functions

D.

Start of reports

Full Access
Question # 13

Which Object ID is used to integrate Business Rule Framework (BRF+) to Multi Step Multi Process (MSMP) initiator workflow?

A.

Function ID

B.

Application ID

C.

Process ID

D.

Expression ID

Full Access
Question # 14

You have configured a Gateway SSO authentication using X.509 client certificates. The configuration of the dual trust relationship between client (browser) and SAP Web Dispatcher as well as the configuration of the SAP Web Dispatcher to accept and forward client certificates were done. Users complain that they can't log in to the back-end system. How can you check the cause?

A.

Run back-end transaction SMICM and open the trace file

B.

Run back-end system trace using ST12

C.

Run gateway transaction /IWFND/TRACES

D.

Run gateway transaction /IWFND/ ERRORJ.OG

Full Access
Question # 15

SNC is configured in the production system. For emergency purposes, you want to allow certain accounts to be able to access the system with password logon. What do you need to set up for this purpose? Note: There are 2 correct answers to this question.

A.

Use profile parameter SNC/ACCEPT_ INSECURE_GUI with value 'U'

B.

Use profile parameter SNC/ONLY_ENCRYPTED_GUI with value 'O'

C.

Maintain the user access control list in table USRACLEXT

D.

Use the 'Unsecure communication permitted option' In SU01 for specific users

Full Access
Question # 16

You have delimited a single role that is part of a composite role, and a user comparison for the composite role has been performed. You notice that the comparation did NOT.... profile assignments for that single role. What program would you run to resolve this situation?

A.

PRGN_COMPARE_ROLE_MENU

B.

PRGN_COMPRESS_TIMES

C.

PRGN_DELETE_ACTIVITY_GROUPS

D.

PRGN_MERGE_PREVIEW

Full Access
Question # 17

You are evaluating the "Cross-client object change" option using transact on SCC4 for your Unit Test Client in the development environment. Which setting do you recommend?

A.

Changes to repository and cross-client customizing allowed

B.

No changes to repository and cross-client customizing objects

C.

No changes to cross-client customizing objects

D.

No changes to repository objects

Full Access
Question # 18

You have implemented CUA in your organization and you want to set the field distribution attribute as follows: Maintain a default value in the central system that is automatically distributed to the child systems when you create a user. After distribution, the data is maintained only locally and is no longer distributed if you change it in the central or child system. Which field distribution parameter do you maintain?

A.

Redistribution

B.

Local

C.

Global

D.

Proposal

Full Access
Question # 19

Where can we store the Security Audit Log events? Note: There are 2 correct answers to this question.

A.

In the database table RSAU_BUF_DATA

B.

In the file system of the application servers

C.

In the SAP Solution Manager system

D.

In a central fi e system

Full Access
Question # 20

What are characteristics only valid for the MDC high isolation mode?

A.

Every tenant has its own set of OS users

B.

All internal database communication is secured using SNC

C.

Every tenant has its own set of database users

D.

Every tenant has its own set of database users belonging to the same sapsys group

Full Access