Mar-2023 SAP P-SECAUTH-21 Certification Real 2023 Mock Exam [Q25-Q46] : Free Exams Dumps Materials : http://exams.dumpsmaterials.com

NEW QUESTION 25
Which features do SAP HANA SQL-based analytic privileges offer compared to classic XML-based ones? Note: there are 2 correct answers to this question.

Control of read-only SAP HANA procedures

Transportable

Complex filtering

Control of read-only access to SQL views

NEW QUESTION 26
In your system, you have a program which calls transaction A. Users with access to this program can still execute transaction A without explicit authorizations given to this transaction.
How do you prevent the access of users to the transaction A from within the program?

Make sure you do NOT assign transact on A to the authorization object S_TCODE in the role that you assign to the unauthorized users.

Maintain SE93 with authorization objects for transact on A.

Maintain the check indicator in table TCDCOUPLES

Ensure that transact on A is NOT assigned into the same program authorization group

NEW QUESTION 27
The SSO authentication using X.509 client certificates is configured. Users complain that they can’t log in to the back-end system. The trace file shows the following error message: “HTTP request [2/5/9] Reject untrusted forwarded certificate”. What is missing in the configuration? Note: There are 2 correct answers to this question.

On the back-end, the profile parameter icm/HTTPS/verify client must NOT be set to 0

On the web-dispatcher, the SAPSSLS.pse must be signed by a trusted certification authority

On the web-dispatcher, the profile parameter icm/HTTPS/verify_client must be set to 0

The web dispatcher’s SAPSSLC.PSE certificate must be added to the trusted reverse proxies list in icm/trusted_reverse_proxy_<xx>

NEW QUESTION 28
How do you handle user “SAP ‘in AS ABAP? Note: There are 3 correct answers to this question.

Remove all authorizations from the user

Lock and expire the user in all clients

Set profile parameter login/no_automatic_user_sapstar to 0

Set profile parameter login/no_automatic_user_sapstar to 1

Lock and expire the user in all clients except 000

NEW QUESTION 29
To prevent session fixation and session hijacking attacks, SAP’s HTTP security session management is highly recommended. What are the characteristics of HTTP security session management? Note: There are 2 correct answers to this question.

It uses URLs containing sap-context d to identify the security session

The system is checking the logon credentials again for every request

The security sessions are created during logon and deleted during logoff.

The session identifier is a reference to the session context transmitted through a cookie.

NEW QUESTION 30
Your company is running SAP S/4HANA on premise, with the requirement to run the SAP Fiori Launchpad in the SAP Cloud Platform. What would be the recommended scenario for user authentication for internet browser access to the SAP Fiori Launchpad?

SAML2 and OData Provisioning

SAP Logon Tickets

Principal Propagation

X.509 Client Certificates

NEW QUESTION 31
You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub). What transactions do you have to use to map a back-end system to one of those roles?

/UI2/GW_SYS_ALIAS

/IWFND/MAINT_SERVICE

SEGW

PFCG

NEW QUESTION 32
How can you describe static and dynamic assignments? Note: There are 2 correct answers to this question

Static assignments occur at runtime

Dynamic assignments are based on scope values

Dynamic assignments are based on attribute values

Static assignments are set up via the Cloud Cockpit

NEW QUESTION 33
Which authorizations are required for an SAP Fiori Launchpad user? Note: There are 2 correct answers to this question

/UI2/INTEROP

/UI2/CHIP

/UI2/PAGE_BUILDER_PERS

/UI2/PAGE_BUILDER_CUST

NEW QUESTION 34
Which tasks would you perform to allow increased security for the SAP Web Dispatcher Web Administration Interface? Note: There are 2 correct answers to this question

Use subparameter ALLOWPUB = TRUE of the profile parameter icm/server_port_<xx>

Use access restrictions to the icm/HTTP/auth_<xx> profile parameter

Use a separate port for the administration interface

Use Secure Socket Layer (SSL) for encrypted access

NEW QUESTION 35
You want to carry out some preparatory work for executing the SAP Security Optimization Self-service on a customer system. Which of the following steps do you have to execute on the managed systems? Note: There are 2 correct answers to this question.

Install the ST-A/PI plug-in

Configure Secure Network Communications

Configure specific authorizations

Grant operating system access

NEW QUESTION 36
How does the SAP SSO wizard (transaction SNCWIZARD) simplify the SNC configuration process?

It restarts the SAP application server for all profile changes to take effect

It sets the profile parameter for SAP SNC in the instance profile

It creates the SNC_LIB environment variable in OS user profile

It set the profile parameters for SAP SNC in the default profile

NEW QUESTION 37
You want to check the custom ABAP codes in your system for security vulnerabilities and you want to use the Code Vulnerability Analyzer (CVA) for carrying out these extended security checks. What needs to be done for this purpose? Note: There are 2 correct answers to this question.

Execute transaction ST12 to start the analysis

Execute program RSLIN_SEC_LICENSE_SETUP

Run CVA from the ABAP Test Cockpit

Run CVA from the ABAP Trace

NEW QUESTION 38
An end user has indicated that they are getting an authorization error when attempting to call a Transaction Code (TCD). However, the TCD exists in the User Manu. What could be the issue and where would you check?

The TCD is assigned to the user via multiples roles; check in PFCG

An entry in table USRBF prevents them from calling the TCD; check SE16

This user is blocked from calling the TCD; check in SM01

Additional authorization checks are required for the TC; check in SE93

NEW QUESTION 39
In your SAP HCM system, you are implementing structural authorizations for your users. What are the characteristics of this authorization type? Note: There are 2 correct answers to this question.

The structural profile is maintained and assigned to users using the Profile Generator

The structural profile determines the access mode which the user can perform

The structural profile is maintained and assigned to users using the Implementation Guide

The structural profile determines the accessible object in the organizational structure

NEW QUESTION 40
What is the default authentication mechanism in the SAP Cloud Platform?

X 509 Certificates

Kerberos

SAP Logon Tickets

SAML

NEW QUESTION 41
Who can revoke a runtime role from a user in the SAP HANA tenant database? Note: There are 2 correct answers to this question. Note: there are 2 correct answers to this question.

Anyone with “ROLE ADMIN”

The grating user

The owner of the HDI container

The DBACOCKPIT user

NEW QUESTION 42
What are characteristic of the SAP_INTERNAL_HANA_SUPPORT catalog role? Note: there are 2 correct answers to this question.

Object privileges can be granted to the role

No role can be granted to it

System privileges can be granted to the role

It has full access to all metadata

NEW QUESTION 43
You have configured a Gateway SSO authentication using X.509 client certificates. The configuration of the dual trust relationship between client (browser) and SAP Web Dispatcher as well as the configuration of the SAP Web Dispatcher to accept and forward client certificates were done. Users complain that they can’t log in to the back-end system. How can you check the cause?

Run back-end transaction SMICM and open the trace file

Run back-end system trace using ST12

Run gateway transaction /IWFND/TRACES

Run gateway transaction /IWFND/ ERRORJ.OG

NEW QUESTION 44
In your system, you have a program which calls transaction A. Users with access to this program can still execute transaction A without explicit authorizations given to this transaction. How do you prevent the access of users to the transaction A from within the program?

Make sure you do NOT assign transact on A to the authorization object S_TCODE in the role that you assign to the unauthorized users.

Maintain SE93 with authorization objects for transact on A.

Maintain the check indicator in table TCDCOUPLES

Ensure that transact on A is NOT assigned into the same program authorization group

NEW QUESTION 45
Where does SAP HANA store the values for the default Password Policy parameter? Note: there are 2 correct answers to this question.

attributes.ini

indexserver.ini

nameservice.ini

global.ini

NEW QUESTION 46
Which Object ID is used to integrate Business Rule Framework (BRF+) to Multi Step Multi Process (MSMP) initiator workflow?

Function ID

Application ID

Process ID

Expression ID

Mar-2023 SAP P-SECAUTH-21 Certification Real 2023 Mock Exam [Q25-Q46]

SAP P-SECAUTH-21 Certification Exam Topics:

SAP P-SECAUTH-21 Exam Description: