Pass SAP P_SECAUTH_21 Exam Quickly With Real4exams [Q35-Q51]

Rate this post

Pass SAP P_SECAUTH_21 Exam Quickly With Real4exams

Prepare P_SECAUTH_21 Question Answers – P_SECAUTH_21 Exam Dumps

SAP P_SECAUTH_21 Exam Description:

The “SAP Certified Technology Professional – System Security Architect” certification exam verifies that the candidate possesses the depth of knowledge required in the areas of SAP System Security and Authorization. This certificate proves that the candidate has an advanced understanding within the Technology Consultant profile and is able to apply these skills practically and provide guidance in SAP project implementations in the role of a SAP Security Architect. Furthermore, the holder of this certification is capable to review and evaluate the security level of complex on-premise, cloud and hybrid system architectures.

Q35. You have delimited a single role which is part of a composite role, and a user comparison for the composite role has been performed. You notice that the comparison did NOT remove the profile assignments for that single role. What program would you run to resolve this situation?

0 PRGN_COMPRESS_TIMES

0PRGN_COMPARE_ROLE_MENU

0 PRGN_DELETE_ACT IVITY_GROUPS

0 PRGN_MERGE_PREVIEW

Q36. What are the requirements of SPNego SSO configuration in an SAP Fiori front-end system? Note: There are 2 correct answers to this question.

The system requires an identity provider as an issuing system to enable single sign-on with SPNego in an internet-facing deployment scenario.

The system’s users in the ABAP system must have the same user names as the database users in SAP HANA

The system should typically be located within the corporate network.

The system requires Microsoft Active Directory infrastructure in place.

Q37. You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub). What transaction do you have to use to map a back-end system to one of those roles?

/UI2/GW_SYS_ALIAS

PFCG

SM59

/IWFND/MAINT_SERVICE

Q38. You are using the SAP Web Dispatcher for load-balancing purposes. Which actions are performed by the SAP Web Dispatcher in this scenario? Note: There are 2 correct answers to this question.

Authenticates the user’s credentials

Uses SAP logon groups to determine which requests are directed to which server

Checks current state of the message server

Decrypts the HTTPS request and then selects the server

Q39. A user has the authorization to execute SP01. What can this user access with authorization object S_ SPO_ ACT when the ‘Value for Authorization Check’ field is set to “_USER.

All spool requests for all users in the client

All spool requests for users in the same user group

User’s own spool requests

All spool requests for a specific user in the client

Q40. What are the characteristics of assertion tickets? Note: There are 2 correct answers to this question.

They are used for user-to-system trusted login

They are used for system-to-system communication

They have an unconfigurable validity of 2 minutes

They are transmitted as cookies

Q41. You are setting up your SAP NetWeaver AS in a SSL client scenario. What are the reasons to choose an “anonymous SSL Client PSE” setup?
Note: There are 2 correct answers to this question.

To support mutual authentication

To support server-side authentication and data encryption

To use as a container for the list of CAs that the server trusts

To have an individual identity when accessing a specific application

Q42. You want to use Configuration Validation functionality in SAP Solution Manager to check the consistency of settings across your SAP environment. What serves as the reference basis for Configuration Validation? Note: There are 2 correct answers to this question.

A list of recommended settings attached to a specific SAP Note

A target system in your system landscape

A virtual set of manually maintained configuration ems

A result list of configuration items from SAP Early Watch Alert (EWA)

Q43. What is required when you configure the PFCG role for an end-user on the front-end server? Note: There are 2 correct answers to this question.

The catalog assignment for the start authorization

The S_RFC authorization object for the OData access

The Fiori Launchpad designer assignment

The group assignment to display it in the Fiori Launchpad

Q44. In your SAP HCM system, you are implementing structural authorizations for your users. What are the characteristics of this authorization type? Note: There are 2 correct answers to this question.

The structural profile is maintained and assigned to users using the Profile Generator

The structural profile determines the access mode which the user can perform

The structural profile is maintained and assigned to users using the Implementation Guide

The structural profile determines the accessible object in the organizational structure

Q45. You have a load balancer in a DMZ network zone (called natl.mydomain.com) in front of 2 SAP NetWeaver AS systems (hostl.mydomain.com, host2.mydomain.com). What is the recommended common name part of the distinguished name on the SSL Server’s PSE?

It should be a combined DNS alias for host 1.mydomain.com and host2.mydomain.com and nat1.mydomain.com

It should be host 1.mydomain.com, host2.mydornain.com individually for each PSE

It should be natl.mydomain.com

It should be *.mydomain.com (wildcard) names

Q46. How does the SAP SSO wizard (transaction SNCWIZARD) simplify the SNC configuration process?

It installs the CA certificate response

It exports an SNC SAPCRYPTOLIB certificate and imports it into the partner system

It creates the SNC_LIB environment variable

It sets the profile parameters for SAP SNC and SPNego in the default profile

Q47. You have Reason Codes already defined. Which is the correct sequence of steps to configure a Firefighter ID in Emergency Access Management?

Maintain a Firefighter ID for Controllers and Firefighters
Maintain an Owner for a Firefighter ID
Maintain Access Control Owner

Maintain an Owner for a Firefighter ID
Maintain a Firefighter ID for Controllers and Firefighters
Maintain Access Control Owner

Q48. How do you check when and by whom profiles were assigned or deleted?

Run report RSUSR008_009_NEW with appropriate filters

Run report RSUSR100 with appropriate filters

Check system trace using transaction ST01

Check security audit log using transact on SM20

Q49. Which tasks would you perform to allow increased security for the SAP Web Dispatcher Web Administration interface? Note: There are 2 correct answers to this question.

Use a separate port for the content

Use access restrictions with the icm/HTTP/auth_<xx> profile parameter

Use subparameter ALLOWPUB = FALSE of the profile parameter icm/server_port_<xx>

Use Secure Socket Layer (SSL) for password encrypt on

Q50. In addition to the authorization /UI2/LAUNCHPAD, which other authorizations are required to assign to an SAP Fiori Launchpad user? Note: There are 2 correct answers to this question.

/U12/INTEROP

/UI2JPAGE_BUILDER_CUST

/UI2/FLC

/U12JPAGE_BUILDER_PERS

Q51. User1 grants role 1 to user2. Who can revoke role 1 role from user2?

The system OBA user

The owner of role 1

Only User1

Any user with the ‘ROLE ADMIN’ database role

Loading …

SAP P_SECAUTH_21 Exam Syllabus Topics:

Topic	Details
Topic 1	Monitor security and troubleshoot security issues using Solution Manager Describe and implement the authorization concept for SAP S 4HANA
Topic 2	Describe the security goals, data privacy goverance Authorization, Security and Scenarios in SAP HANA
Topic 3	Access Governance and Compliance in SAP SAP Cloud Platform Security Secure an SAP System
Topic 4	Describe and implement the authorization concept for SAP Business Suite SAP Netweaver Application Server and Infrastructure Security
Topic 5	User Administration and Identity Lifecycle Management in SAP Explain authorization, security and scenarios in SAP HANA