Summer Special Flat 65% Limited Time Discount offer - Ends in 0d 00h 00m 00s - Coupon code: suredis

Certensure Logo
  1. Home
  2. SAP
  3. SAP Certified Technology Professional
  4. P_SECAUTH_21 - SAP Certified Technology Professional - System Security Architect

SAP P_SECAUTH_21 SAP Certified Technology Professional - System Security Architect Exam Practice Test

Demo: 20 questions
Total 80 questions
Get P_SECAUTH_21 Full Access Download P_SECAUTH_21 PDF

SAP Certified Technology Professional - System Security Architect Questions and Answers

Question 1

The SAP HANA database is installed with multi database container (MDC) mode with multiple tenant databases configured. What are the required activities to enable access between tenants? Note: There are 2 correct answers to this question.

Options:

A.

Create user mapping between local and remote tenant databases

B.

Configure smart data access (SDA) between the relevant HANA tenants

C.

Set whitelist of cross-tenant database communication channel

D.

Decrease the level of isolation mode on all MDC tenants

Question 2

Which authorization object controls access to the trusting system between the managed system and SAP Solution Manager?

Options:

A.

S_RFCACL

B.

S_RFC

C.

S_SERVICE

D.

S_ ICM

Question 3

How does the SAP SSO wizard (transaction SNCWIZARD) simplify the SNC configuration process?

Options:

A.

It installs the CA certificate response

B.

It exports an SNC SAPCRYPTOLIB certificate and imports it into the partner system

C.

It creates the SNC_LIB environment variable

D.

It sets the profile parameters for SAP SNC and SPNego in the default profile

Question 4

What information constitutes an indirect connection to an individual, in the context of GDPR? Note: There are 3 correct answers to this question

Options:

A.

National Identifier

B.

Postal Address

C.

Date of Birth

D.

License plate number

E.

IP Address

Question 5

Which SAP tool provides functions to support Data Destruction, Business Rules Maintenance, and Processing of Audit Areas?

Options:

A.

SAP Information Retrieval Framework

B.

SAP Information Lifecycle Management

C.

SAP Business Rule Framework Plus

D.

SAP Data Controller Rule Framework

Question 6

To prevent session fixation and session hijacking attacks, SAP's HTTP security session management is highly recommended. What are the characteristics of HTTP security session management? Note: There are 2 correct answers to this question.

Options:

A.

It uses URLs containing sap-context d to identify the security session

B.

The system is checking the logon credentials again for every request

C.

The security sessions are created during logon and deleted during logoff.

D.

The session identifier is a reference to the session context transmitted through a cookie.

Question 7

Which authorizations are required for an SAP Fiori Launchpad user? Note: There are 2 correct answers to this question

Options:

A.

/UI2/INTEROP

B.

/UI2/CHIP

C.

/UI2/PAGE_BUILDER_PERS

D.

/UI2/PAGE_BUILDER_CUST

Question 8

Which communication methods does the SAP Fiori Launchpad use to retrieve business data? Note: There are 2 correct answers to this question

Options:

A.

OData

B.

InA

C.

HOP

D.

SNC

Question 9

User1 grants role 1 to user2. Who can revoke role 1 role from user2?

Options:

A.

The system OBA user

B.

The owner of role 1

C.

Only User1

D.

Any user with the 'ROLE ADMIN' database role

Question 10

What does the SAP Security Optimization Service provide? Note: There are 2 correct answers to this question.

Options:

A.

Analysis of the security vulnerabilities within an SAP landscape

B.

Results containing the list of patches that have to be applied.

C.

Configuration checks of SAP systems

D.

Analysis of the network configuration

Question 11

Which characteristics apply to the SAP ID Service? Note: There are 2 correct answers to this question

Options:

A.

Configurable password policy

B.

Non-configurable MFA for SAP BTP Cockpit

C.

Customizable user interface

D.

User base owned and managed by SAP

Question 12

Which type of systems can be found in the Identify Provisioning Service landscape? Note: There are 2 correct answers to this question

Options:

A.

Identify Provider

B.

Source

C.

Proxy

D.

Service Provider

Question 13

Which features does the SAP Router support? Note: There are 2 correct answers to this question.

Options:

A.

Balancing the load to ensure an even distribution across the back-end servers

B.

Terminating, forwarding and (re)encrypting requests, depending on the SSL configuration

C.

Password-protecting connections from unauthorized access from outside the network

D.

Controlling and logging network connections to SAP systems

Question 14

What are the characteristics of assertion tickets? Note: There are 2 correct answers to this question.

Options:

A.

They are used for user-to-system trusted login

B.

They are used for system-to-system communication

C.

They have an unconfigurable validity of 2 minutes

D.

They are transmitted as cookies

Question 15

Based on your company guidelines you have set the password expiration to 60 days. Unfortunately, there is an RFC user in your SAP system who must not have a password change for 180 days. Which option would you recommend to accomplish such a request?

Options:

A.

Create an enhancement spot or user exit

B.

Create a security policy via SECPOL and assign it to the RFC user

C.

Change the profile parameter login/password_expiration_time to 180

D.

Define the RFC user as a reference user

Question 16

How do you check when and by whom profiles were assigned or deleted?

Options:

A.

Run report RSUSR008_009_NEW with appropriate filters

B.

Run report RSUSR100 with appropriate filters

C.

Check system trace using transaction ST01

D.

Check security audit log using transact on SM20

Question 17

What benefits does the SAP Cloud Connector have compared to a 3rd partyreverse proxy solution, when connecting your SAP Cloud Platform with your SAP backend systems? Note: There are 2 correct answers to this question.

Options:

A.

It establishes an SSL VPN tunnel to SAP Cloud Platform

B.

It allows for remote invocation by the SAP Cloud Platform only

C.

It can cache SAP proprietary OData packets to improve the response times

D.

It supports multiple application protocols, such as HTTP and RFC

Question 18

The SSO authentication using X.509 client certificates is configured. Users complain that they can't log in to the back-end system. The trace file shows the following error message: "HTTP request [2/5/9] Reject untrusted forwarded certificate". What is missing in the configuration? Note: There are 2 correct answers to this question.

Options:

A.

On the back-end, the profile parameter icm/HTTPS/verify client must NOT be set to 0

B.

On the web-dispatcher, the SAPSSLS.pse must be signed by a trusted certification authority

C.

On the web-dispatcher, the profile parameter icm/HTTPS/verify_client must be set to 0

D.

The web dispatcher's SAPSSLC.PSE certificate must be added to the trusted reverse proxies list in icm/trusted_reverse_proxy_

Question 19

What can you maintain in transaction SU24 to reduce the overall maintenance in PFCG? Note: There are 3 correct answers to this question.

Options:

A.

The default values so they are appropriate for the transactions used in the roles

B.

The authorization objects that are not linked to transact on codes correctly

C.

The default values in the tables USOBX and USOBT

D.

The default authority check settings for the role maintenance tool

E.

The authorization objects that have unacceptable default values

Question 20

Which of the following user types can be used to log on interactively? Note: There are 2 correct answers to this question

Options:

A.

System

B.

Dialog

C.

Communication

D.

Service

Load More P_SECAUTH_21 Questions
Demo: 20 questions
Total 80 questions
Get P_SECAUTH_21 Full Access Download P_SECAUTH_21 PDF