This page was exported from Free Exams Dumps Materials [ http://exams.dumpsmaterials.com ] Export date:Thu Nov 21 18:03:46 2024 / +0000 GMT ___________________________________________________ Title: Mar-2023 SAP P-SECAUTH-21 Certification Real 2023 Mock Exam [Q25-Q46] --------------------------------------------------- Mar-2023 SAP P-SECAUTH-21 Certification Real 2023 Mock Exam P-SECAUTH-21 Exam Questions and Valid PMP Dumps PDF SAP P-SECAUTH-21 Certification Exam Topics: Topic AreasTopic Details, Courses, BooksSAP Cloud Platform Security 8% - 12%Explain security and scenarios in SAP Cloud platform SECCL1 (SAP EXTENSION SUITE) Security Monitoring and Security Auditing > 12%Monitor security and troubleshoot security issues using Solution Manager, security audits, traces and logs. ADM900 (NW AS 7.52) ADM950 (SEE COURSE DETAIL) ADM960 (SAP NETWEAVER 7.55) Authorization Concept for SAP S/4HANA > 12%Describe and implement the authorization concept for SAP S/4HANA ADM945 (SAP S/4HANA 1809) Authorization, Security and Scenarios in SAP HANA > 12%Explain authorization, security and scenarios in SAP HANA HA940 (SAP HANA 2.0 SPS05) User Administration and Identity Lifecycle Management in SAP < 8%Manage users in SAP systems ADM900 (NW AS 7.52) ADM940 (SAP S/4HANA 1909) ADM910 (SAP S/4HANA 1909) Access Governance and Compliance in SAP < 8%Describe the security goals, data privacy goverance, access goverance solutions and tools in SAP. ADM900 (NW AS 7.52) ADM910 (SAP S/4HANA 1909)   NEW QUESTION 25Which features do SAP HANA SQL-based analytic privileges offer compared to classic XML-based ones? Note: there are 2 correct answers to this question.  Control of read-only SAP HANA procedures  Transportable  Complex filtering  Control of read-only access to SQL views NEW QUESTION 26In your system, you have a program which calls transaction A. Users with access to this program can still execute transaction A without explicit authorizations given to this transaction.How do you prevent the access of users to the transaction A from within the program?  Make sure you do NOT assign transact on A to the authorization object S_TCODE in the role that you assign to the unauthorized users.  Maintain SE93 with authorization objects for transact on A.  Maintain the check indicator in table TCDCOUPLES  Ensure that transact on A is NOT assigned into the same program authorization group NEW QUESTION 27The SSO authentication using X.509 client certificates is configured. Users complain that they can’t log in to the back-end system. The trace file shows the following error message: “HTTP request [2/5/9] Reject untrusted forwarded certificate”. What is missing in the configuration? Note: There are 2 correct answers to this question.  On the back-end, the profile parameter icm/HTTPS/verify client must NOT be set to 0  On the web-dispatcher, the SAPSSLS.pse must be signed by a trusted certification authority  On the web-dispatcher, the profile parameter icm/HTTPS/verify_client must be set to 0  The web dispatcher’s SAPSSLC.PSE certificate must be added to the trusted reverse proxies list in icm/trusted_reverse_proxy_<xx> NEW QUESTION 28How do you handle user “SAP ‘in AS ABAP? Note: There are 3 correct answers to this question.  Remove all authorizations from the user  Lock and expire the user in all clients  Set profile parameter login/no_automatic_user_sapstar to 0  Set profile parameter login/no_automatic_user_sapstar to 1  Lock and expire the user in all clients except 000 NEW QUESTION 29To prevent session fixation and session hijacking attacks, SAP’s HTTP security session management is highly recommended. What are the characteristics of HTTP security session management? Note: There are 2 correct answers to this question.  It uses URLs containing sap-context d to identify the security session  The system is checking the logon credentials again for every request  The security sessions are created during logon and deleted during logoff.  The session identifier is a reference to the session context transmitted through a cookie. NEW QUESTION 30Your company is running SAP S/4HANA on premise, with the requirement to run the SAP Fiori Launchpad in the SAP Cloud Platform. What would be the recommended scenario for user authentication for internet browser access to the SAP Fiori Launchpad?  SAML2 and OData Provisioning  SAP Logon Tickets  Principal Propagation  X.509 Client Certificates NEW QUESTION 31You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub). What transactions do you have to use to map a back-end system to one of those roles?  /UI2/GW_SYS_ALIAS  /IWFND/MAINT_SERVICE  SEGW  PFCG NEW QUESTION 32How can you describe static and dynamic assignments? Note: There are 2 correct answers to this question  Static assignments occur at runtime  Dynamic assignments are based on scope values  Dynamic assignments are based on attribute values  Static assignments are set up via the Cloud Cockpit NEW QUESTION 33Which authorizations are required for an SAP Fiori Launchpad user? Note: There are 2 correct answers to this question  /UI2/INTEROP  /UI2/CHIP  /UI2/PAGE_BUILDER_PERS  /UI2/PAGE_BUILDER_CUST NEW QUESTION 34Which tasks would you perform to allow increased security for the SAP Web Dispatcher Web Administration Interface? Note: There are 2 correct answers to this question  Use subparameter ALLOWPUB = TRUE of the profile parameter icm/server_port_<xx>  Use access restrictions to the icm/HTTP/auth_<xx> profile parameter  Use a separate port for the administration interface  Use Secure Socket Layer (SSL) for encrypted access NEW QUESTION 35You want to carry out some preparatory work for executing the SAP Security Optimization Self-service on a customer system. Which of the following steps do you have to execute on the managed systems? Note: There are 2 correct answers to this question.  Install the ST-A/PI plug-in  Configure Secure Network Communications  Configure specific authorizations  Grant operating system access NEW QUESTION 36How does the SAP SSO wizard (transaction SNCWIZARD) simplify the SNC configuration process?  It restarts the SAP application server for all profile changes to take effect  It sets the profile parameter for SAP SNC in the instance profile  It creates the SNC_LIB environment variable in OS user profile  It set the profile parameters for SAP SNC in the default profile NEW QUESTION 37You want to check the custom ABAP codes in your system for security vulnerabilities and you want to use the Code Vulnerability Analyzer (CVA) for carrying out these extended security checks. What needs to be done for this purpose? Note: There are 2 correct answers to this question.  Execute transaction ST12 to start the analysis  Execute program RSLIN_SEC_LICENSE_SETUP  Run CVA from the ABAP Test Cockpit  Run CVA from the ABAP Trace NEW QUESTION 38An end user has indicated that they are getting an authorization error when attempting to call a Transaction Code (TCD). However, the TCD exists in the User Manu. What could be the issue and where would you check?  The TCD is assigned to the user via multiples roles; check in PFCG  An entry in table USRBF prevents them from calling the TCD; check SE16  This user is blocked from calling the TCD; check in SM01  Additional authorization checks are required for the TC; check in SE93 NEW QUESTION 39In your SAP HCM system, you are implementing structural authorizations for your users. What are the characteristics of this authorization type? Note: There are 2 correct answers to this question.  The structural profile is maintained and assigned to users using the Profile Generator  The structural profile determines the access mode which the user can perform  The structural profile is maintained and assigned to users using the Implementation Guide  The structural profile determines the accessible object in the organizational structure NEW QUESTION 40What is the default authentication mechanism in the SAP Cloud Platform?  X 509 Certificates  Kerberos  SAP Logon Tickets  SAML NEW QUESTION 41Who can revoke a runtime role from a user in the SAP HANA tenant database? Note: There are 2 correct answers to this question. Note: there are 2 correct answers to this question.  Anyone with “ROLE ADMIN”  The grating user  The owner of the HDI container  The DBACOCKPIT user NEW QUESTION 42What are characteristic of the SAP_INTERNAL_HANA_SUPPORT catalog role? Note: there are 2 correct answers to this question.  Object privileges can be granted to the role  No role can be granted to it  System privileges can be granted to the role  It has full access to all metadata NEW QUESTION 43You have configured a Gateway SSO authentication using X.509 client certificates. The configuration of the dual trust relationship between client (browser) and SAP Web Dispatcher as well as the configuration of the SAP Web Dispatcher to accept and forward client certificates were done. Users complain that they can’t log in to the back-end system. How can you check the cause?  Run back-end transaction SMICM and open the trace file  Run back-end system trace using ST12  Run gateway transaction /IWFND/TRACES  Run gateway transaction /IWFND/ ERRORJ.OG NEW QUESTION 44In your system, you have a program which calls transaction A. Users with access to this program can still execute transaction A without explicit authorizations given to this transaction. How do you prevent the access of users to the transaction A from within the program?  Make sure you do NOT assign transact on A to the authorization object S_TCODE in the role that you assign to the unauthorized users.  Maintain SE93 with authorization objects for transact on A.  Maintain the check indicator in table TCDCOUPLES  Ensure that transact on A is NOT assigned into the same program authorization group NEW QUESTION 45Where does SAP HANA store the values for the default Password Policy parameter? Note: there are 2 correct answers to this question.  attributes.ini  indexserver.ini  nameservice.ini  global.ini NEW QUESTION 46Which Object ID is used to integrate Business Rule Framework (BRF+) to Multi Step Multi Process (MSMP) initiator workflow?  Function ID  Application ID  Process ID  Expression ID  Loading … SAP P-SECAUTH-21 Exam Description: The "SAP Certified Technology Professional - System Security Architect" certification exam verifies that the candidate possesses the depth of knowledge required in the areas of SAP System Security and Authorization. This certificate proves that the candidate has an advanced understanding within the Technology Consultant profile and is able to apply these skills practically and provide guidance in SAP project implementations in the role of a SAP Security Architect. Furthermore, the holder of this certification is capable to review and evaluate the security level of complex on-premise, cloud and hybrid system architectures.   P-SECAUTH-21 Question Bank: Free PDF Download Recently Updated Questions: https://www.dumpsmaterials.com/P-SECAUTH-21-real-torrent.html --------------------------------------------------- Images: https://exams.dumpsmaterials.com/wp-content/plugins/watu/loading.gif https://exams.dumpsmaterials.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2023-03-06 11:13:44 Post date GMT: 2023-03-06 11:13:44 Post modified date: 2023-03-06 11:13:44 Post modified date GMT: 2023-03-06 11:13:44