Note! Following P_SECAUTH_21 Exam is Retired now. Please select the alternative replacement for your Exam Certification.

P_SECAUTH_21 Exam Dumps - SAP Certified Technology Professional - System Security Architect

Question # 4

Which of the following user types can be used to log on interactively? Note: There are 2 correct answers to this question

System

Dialog

Communication

Service

Full Access

Question # 5

What are main characteristics of the Logon ticket throughout an SSO logon procedure? Note: There are 2 correct answers to this question

The Logon ticket is not domain restricted

The Logon ticket session is held in the working memory

The Logon ticket is sued for user-to-system communication

The Logon ticket is always set to client 000

Full Access

Question # 6

User1 grants role 1 to user2. Who can revoke role 1 role from user2?

The system OBA user

The owner of role 1

Only User1

Any user with the 'ROLE ADMIN' database role

Full Access

Question # 7

The SAP HANA database has its parameters configured with its default values. How can the SAP_INTERNAL_HA NA_SUPPORT catalog role be used?

The role can be granted to another role (nested)

The role can be granted to multiple users at a time

The role can be granted only with system privileges

The role can be granted to the SYSTEM user

Full Access

Question # 8

Insufficient authorization checks might allow A BAP programs to access the PSE files. Which authorization objects should we check to protect the PSEs? Note: There are 2 correct answers to this question.

S_RZL_ADM

S_DATASET

S_ADMI_FCD

S_DEVELOP

Full Access

Question # 9

How can you describe static and dynamic assignments? Note: There are 2 correct answers to this question

Static assignments occur at runtime

Dynamic assignments are based on scope values

Dynamic assignments are based on attribute values

Static assignments are set up via the Cloud Cockpit

Full Access

Question # 10

You are reviewing the authorizations for Core Data Services (CDS) views. How are classic authorizations integrated with CDS authorizations?

By using the statement AUTHORITY-CHECK in the access control of the CDS view

By defining access conditions in an access rule for the CDS view

By assigning the CDS view to the authorization profile in PFCG

By defining the CDS view in the authorization object in SU21

Full Access

Question # 11

You are running a 3-tier SAP system landscape. Each time you are accessing STMS_IMPORT on any of these systems, you are prompted for a TMSADM password. How can you stop this prompt from appearing?

Run the report RSUSR405 on the domain controller.

Reset the TMSADM user's password on the system you are trying to access STMS_ IMPORT.

Change the TMSA DM user's password directly in the TMS RFC destination in transact on SM59.

Run the report TMS_ UPDATE_PWD_OF_TMSADM on the domain controller.

Full Access

Question # 12

Which of the following events will create security alerts in the CCMS Alert Monitor of SAP Solution Manager? Note: There are 2 correct answers to this question.

Manual table changes

Changes to the instance profile

Call of RFC functions

Start of reports

Full Access

Question # 13

Which Object ID is used to integrate Business Rule Framework (BRF+) to Multi Step Multi Process (MSMP) initiator workflow?

Function ID

Application ID

Process ID

Expression ID

Full Access

Question # 14

You have configured a Gateway SSO authentication using X.509 client certificates. The configuration of the dual trust relationship between client (browser) and SAP Web Dispatcher as well as the configuration of the SAP Web Dispatcher to accept and forward client certificates were done. Users complain that they can't log in to the back-end system. How can you check the cause?

Run back-end transaction SMICM and open the trace file

Run back-end system trace using ST12

Run gateway transaction /IWFND/TRACES

Run gateway transaction /IWFND/ ERRORJ.OG

Full Access

Question # 15

SNC is configured in the production system. For emergency purposes, you want to allow certain accounts to be able to access the system with password logon. What do you need to set up for this purpose? Note: There are 2 correct answers to this question.

Use profile parameter SNC/ACCEPT_ INSECURE_GUI with value 'U'

Use profile parameter SNC/ONLY_ENCRYPTED_GUI with value 'O'

Maintain the user access control list in table USRACLEXT

Use the 'Unsecure communication permitted option' In SU01 for specific users

Full Access

Question # 16

You have delimited a single role that is part of a composite role, and a user comparison for the composite role has been performed. You notice that the comparation did NOT.... profile assignments for that single role. What program would you run to resolve this situation?

PRGN_COMPARE_ROLE_MENU

PRGN_COMPRESS_TIMES

PRGN_DELETE_ACTIVITY_GROUPS

PRGN_MERGE_PREVIEW

Full Access

Question # 17

You are evaluating the "Cross-client object change" option using transact on SCC4 for your Unit Test Client in the development environment. Which setting do you recommend?

Changes to repository and cross-client customizing allowed

No changes to repository and cross-client customizing objects

No changes to cross-client customizing objects

No changes to repository objects

Full Access

Question # 18

You have implemented CUA in your organization and you want to set the field distribution attribute as follows: Maintain a default value in the central system that is automatically distributed to the child systems when you create a user. After distribution, the data is maintained only locally and is no longer distributed if you change it in the central or child system. Which field distribution parameter do you maintain?

Redistribution

Local

Global

Proposal

Full Access

Question # 19

Where can we store the Security Audit Log events? Note: There are 2 correct answers to this question.

In the database table RSAU_BUF_DATA

In the file system of the application servers

In the SAP Solution Manager system

In a central fi e system

Full Access