New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium SAP P_SECAUTH_21 Dumps Questions Answers

SAP Certified Technology Professional - System Security Architect Questions and Answers

Question 1

A security consultant has activated a trace via ST01 and is analyzing the authorization error with Return Code 12. What does the Return Code 12 signify?

Options:

A.

"Objects not contained in User Buffer"

B.

"No authorizations and does NOT have authorization object in their buffer"

C.

"No authorizations but does have authorization object in their buffer"

D.

"Too many parameters for authorization checks"

Buy Now
Question 2

Which SAP tool provides functions to support Data Destruction, Business Rules Maintenance, and Processing of Audit Areas?

Options:

A.

SAP Information Retrieval Framework

B.

SAP Information Lifecycle Management

C.

SAP Business Rule Framework Plus

D.

SAP Data Controller Rule Framework

Question 3

You have Reason Codes already defined. Which is the correct sequence of steps to configure a Firefighter ID in Emergency Access Management?

Options:

A.

Maintain a Firefighter ID for Controllers and Firefighters

Maintain an Owner for a Firefighter ID

Maintain Access Control Owner

B.

Maintain an Owner for a Firefighter ID

Maintain a Firefighter ID for Controllers and Firefighters

Maintain Access Control Owner

C.

Maintain an Owner for a Firefighter ID

Maintain a Firefighter ID for Controllers and Firefighters

Maintain Access Control Owner

D.

Maintain an Owner for a Firefighter ID

Maintain a Firefighter ID for Controllers and Firefighters

Maintain Access Control Owner

Question 4

What are characteristic of the SAP_INTERNAL_HANA_SUPPORT catalog role? Note: there are 2 correct answers to this question.

Options:

A.

Object privileges can be granted to the role

B.

No role can be granted to it

C.

System privileges can be granted to the role

D.

It has full access to all metadata

Question 5

You verified the password of the TMSADM user in your SAP landscape to be SAP defaulted. You want to reset this password by using program TMS_UPDATE_PWD_OF_TMSADM. What steps would you take to reset this password?

Note: There are 2 correct answers to this question

Options:

A.

Run this program in the Domain Controller (client 000)

B.

Lock TMSADM in all the system/clients including 000

C.

Assign "SAP_ALL" to TMSADM in all systems/clients including 000

D.

Deactivate the SNC option

Question 6

Where does SAP HANA store the values for the default Password Policy parameter? Note: there are 2 correct answers to this question.

Options:

A.

attributes.ini

B.

indexserver.ini

C.

nameservice.ini

D.

global.ini

Question 7

Which features does the SAP Router support? Note: There are 2 correct answers to this question.

Options:

A.

Balancing the load to ensure an even distribution across the back-end servers

B.

Terminating, forwarding and (re)encrypting requests, depending on the SSL configuration

C.

Password-protecting connections from unauthorized access from outside the network

D.

Controlling and logging network connections to SAP systems

Question 8

Which of the 7 core principles of the General Data Privacy Regulation (GDPR) requires thorough documentation of all policies and controls that govern the collection and processing of data?

Options:

A.

Accuracy

B.

Lawfulness, Fairness and Transparency

C.

Accountability

D.

Integrity and Confidentiality

Question 9

The SAP HANA database has its parameters configured with its default values. How can the SAP_INTERNAL_HA NA_SUPPORT catalog role be used?

Options:

A.

The role can be granted to another role (nested)

B.

The role can be granted to multiple users at a time

C.

The role can be granted only with system privileges

D.

The role can be granted to the SYSTEM user

Question 10

To which services packages does SAP Security Optimization Services (SOS) belong?

Options:

A.

EarlyWatch Reporting

B.

Performance Optimization

C.

Application Integration Optimization

D.

System Administration Optimization

Question 11

The SAP HANA database is installed with multi database container (MDC) mode with multiple tenant databases configured. What are the required activities to enable access between tenants? Note: There are 2 correct answers to this question.

Options:

A.

Create user mapping between local and remote tenant databases

B.

Configure smart data access (SDA) between the relevant HANA tenants

C.

Set whitelist of cross-tenant database communication channel

D.

Decrease the level of isolation mode on all MDC tenants

Question 12

You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub). What transactions do you have to use to map a back-end system to one of those roles?

Options:

A.

/UI2/GW_SYS_ALIAS

B.

/IWFND/MAINT_SERVICE

C.

SEGW

D.

PFCG

Question 13

How does the SAP SSO wizard (transaction SNCWIZARD) simplify the SNC configuration process?

Options:

A.

It restarts the SAP application server for all profile changes to take effect

B.

It sets the profile parameter for SAP SNC in the instance profile

C.

It creates the SNC_LIB environment variable in OS user profile

D.

It set the profile parameters for SAP SNC in the default profile

Question 14

You have a load balancer in a DMZ network zone (called natl.mydomain.com) in front of 2 SAP NetWeaver AS systems (hostl.mydomain.com, host2.mydomain.com). What is the recommended common name part of the distinguished name on the SSL Server's PSE?

Options:

A.

It should be a combined DNS alias for host 1.mydomain.com and host2.mydomain.com and nat1.mydomain.com

B.

It should be host 1.mydomain.com, host2.mydornain.com individually for each PSE

C.

It should be natl.mydomain.com

D.

It should be •.mydomain.com (wildcard) names

Question 15

How can you register an SAP Gateway service? Note: There are 2 correct answers to this question.

Options:

A.

Use SAP_GAT EWAY_BASIC_CONFIG in transact on STCO 1 on the frontend server

B.

Use transaction /IWFND/MA INT_SERVICE on the front-end server

C.

Use SAP_GAT EWAY_ACTIVATE_ODATA_SERV in transact on STC01 on the front-end server

D.

Use transaction SEGW on the back-end server

Question 16

What authorization objects do we need to create job steps with external commands in a background job? Note: There are 2 correct answers to this question.

Options:

A.

S_ADMI_FCD

B.

S_LOG_COM

C.

S_RZL_ADM

D.

S_BTCH_EXT

Question 17

Which of the objects do you assign to an SAP Fiori tile to make it visible in the SAP Fiori Launchpad? Note: There are 2 correct answers to this question.

Options:

A.

Group

B.

Role

C.

User

D.

Catalog

Question 18

What are main characteristics of the Logon ticket throughout an SSO logon procedure? Note: There are 2 correct answers to this question

Options:

A.

The Logon ticket is not domain restricted

B.

The Logon ticket session is held in the working memory

C.

The Logon ticket is sued for user-to-system communication

D.

The Logon ticket is always set to client 000

Question 19

You want to check the custom ABAP codes in your system for security vulnerabilities and you want to use the SAP Code Vulnerability Analyzer to carry out these extended security checks. What need to be done for this purpose? Note: There are 2 correct answers to this question

Options:

A.

Run SAP Code Vulnerability Analyzer from the ABAP Test Cockpit

B.

Run SAP Code Vulnerability Analyzer from the transaction ST01

C.

Run the transaction ST12 to start the analysis

D.

Run the extended syntax check from the SLIN transaction

Question 20

How are user group administrators and user groups related in SAP HANA? Note: there are 2 correct answers to this question.

Options:

A.

Multiple user groups per user group administrator

B.

Only one user group administrator per user group

C.

Multiple user group administrators per user group

D.

Only one user group per user group administrator