SAP P_SECAUTH_21 SAP Certified Technology Professional - System Security Architect Exam Practice Test

Page: 1 / 14
Total 80 questions
Question 1

You are evaluating the "Cross-client object change" option using transaction SCC4 for your

Unit Test Client in the development environment. Which setting do you recommend?



Answer : C

This is the recommended setting for the ''Cross-client object change'' option using transaction SCC4 for your Unit Test Client in the development environment. This setting allows you to make changes to repository objects (such as programs, function modules, classes, etc.) and cross-client customizing objects (such as number ranges, message classes, etc.) in your Unit Test Client without affecting other clients in the same system. Reference: https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true


Question 2

How is the role concept applied for modeled authorizations based on Core Data Services

(CDS) views?



Answer : A

The role concept for modeled authorizations based on Core Data Services (CDS) views works in this way: CDS roles are mapped to the CDS view in the access rules that define which users can access which data from the CDS view. The access rules are defined using annotations in the CDS view definition or using a separate access control DDL source file. Reference: https://help.sap.com/viewer/cc0c305d2fab47bd808adcad3ca7ee9d/7.5.9/en-US/fafcbcf9d9101014b3d9a08ce33d9640.html https://help.sap.com/viewer/cc0c305d2fab47bd808adcad3ca7ee9d/7.5.9/en-US/fafcbcf9d9101014b3d9a08ce33d9640.html


Question 3

For which reasons would you choose an "anonymous SSL Client PSE" setup? Note: There are

2 correct answers to this question.



Answer : A, B

These are some of the reasons why you would choose an ''anonymous SSL Client PSE'' setup in SAP systems. An anonymous SSL Client PSE is a PSE that does not contain any client certificates or keys, but only contains certificates of trusted certificate authorities (CAs). It can be used to establish SSL connections with servers that do not require client authentication, but only use data encryption to protect the communication. It can also be used as a container for storing the CAs that are trusted by the client. Reference: https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true


Question 4

Which SAP product supports General Data Privacy Regulation (GDPR) compliance through mitigating control testing and validation?



Answer : D

SAP Process Control is a SAP product that supports General Data Privacy Regulation (GDPR) compliance through mitigating control testing and validation. SAP Process Control enables you to define and monitor controls for various business processes and regulations, such as GDPR, SOX, or ISO standards. It also allows you to perform control testing and validation activities, such as self-assessments, surveys, issue management, or remediation plans. Reference: https://help.sap.com/viewer/product/SAP_PROCESS_CONTROL/en-US


Question 5

Which authorizations should you restrict when you create a developer role in an AS ABAP

production system? Note: There are 2 correct answers to this question.



Answer : A, D

Developers should not be able to use the ABAP Debugger or run function modules in a production system, as these actions could compromise the system integrity and security. Authorization object S_DEVELOP controls both these activities and should be restricted for developers in a production system. Reference: https://help.sap.com/viewer/68bf513362174d54b58cddec28794093/7.5.20/en-US/4a0c1f51bb571014e10000000a42189c.html https://help.sap.com/viewer/68bf513362174d54b58cddec28794093/7.5.20/en-US/4a0c1f51bb571014e10000000a42189c.html


Question 6

What does return code 1 2 mean when performing STAUTHTRACE?



Answer : C

Return code 12 means that the user does not have the required authorization for an authority check but does have the authorization object in the user buffer. This means that the user has some values for the authorization object but not the ones that are needed for the specific check. Reference: https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true


Question 7

Which tasks would you perform to allow increased security for the SAP Web Dispatcher WebAdministration interface? Note: There are 2 correct answers to this question.



Answer : A, C

These are some of the tasks that you would perform to allow increased security for the SAP Web Dispatcher WebAdministration interface, which is a web-based tool for configuring and monitoring the SAP Web Dispatcher instance. You can use access restrictions with the icm/HTTP/auth_<xx> profile parameter, which allows you to define rules for allowing or denying access based on IP addresses, host names, or URLs. You can also use Secure Socket Layer (SSL) for encrypted access, which protects the communication between your browser and the WebAdministration interface using certificates and keys. Reference: https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true


Page:    1 / 14   
Total 80 questions