P_SECAUTH_21 Online Practice Questions and Answers

Which authorizations should you restrict when you create a developer role in an AS ABAP production system? Note: There are 2 correct answers to this question.

A. The ability to execute class methods through authorization object S_PROGRAM

B. The ability to execute queries through authorization object S_OUERY

C. The ability to execute function modules through authorization object S_DEVELOP

D. The ability to use the ABAP Debugger through authorization object S_DEVELOP

User1 grants role 1 to user2. Who can revoke role 1 role from user2?

A. The system OBA user

B. The owner of role 1

C. Only User1

D. Any user with the 'ROLE ADMIN' database role

You have a load balancer in a DMZ network zone (called natl.mydomain.com) in front of 2 SAP NetWeaver AS systems (hostl.mydomain.com, host2.mydomain.com).

What is the recommended common name part of the distinguished name on the SSL Server's PSE?

A. It should be a combined DNS alias for host 1.mydomain.com and host2.mydomain.com and nat1.mydomain.com

B. It should be host 1.mydomain.com, host2.mydornain.com individually for each PSE

C. It should be natl.mydomain.com

D. It should be ?mydomain.com (wildcard) names

SNC is configured in the production system. For emergency purposes, you want to allow certain accounts to be able to access the system with password logon.

What do you need to set up for this purpose? Note: There are 2 correct answers to this question.

A. Use profile parameter SNC/ACCEPT_ INSECURE_GUI with value 'U'

B. Use profile parameter SNC/ONLY_ENCRYPTED_GUI with value 'O'

C. Maintain the user access control list in table USRACLEXT

D. Use the 'Unsecure communication permitted option' In SU01 for specific users

What authorization object is checked when a user selects an A BAP Web Dynpro application to execute?

A. S_PROGRAM

B. S_START

C. S_TCODE

D. S_SERVICE

What are the key capabilities of Event Analyzer in Enterprise Threat Detection 1.0? Note: There are 2 correct answers to this question.

A. Synchronization of user contexts from ABAP Systems

B. Predictive threat notification

C. Pseudonymize user identities for data protection

D. Baseline detection

You are evaluating the "Cross-client object change" option using transact on SCC4 for your Unit Test Client in the development environment.

Which setting do you recommend?

A. Changes to repository and cross-client customizing allowed

B. No changes to repository and cross-client customizing objects

C. No changes to cross-client customizing objects

D. No changes to repository objects

The SAP HANA database is installed with multi database container (MDC) mode with multiple tenant databases configured.

What are the required activities to enable access between tenants? Note: There are 2 correct answers to this question.

A. Create user mapping between local and remote tenant databases

B. Configure smart data access (SDA) between the relevant HANA tenants

C. Set whitelist of cross-tenant database communication channel

D. Decrease the level of isolation mode on all MDC tenants

How do you check when and by whom profiles were assigned or deleted?

A. Run report RSUSR008_009_NEW with appropriate filters

B. Run report RSUSR100 with appropriate filters

C. Check system trace using transaction ST01

D. Check security audit log using transact on SM20

Which features does the SAP Router support? Note: There are 2 correct answers to this question.

A. Balancing the load to ensure an even distribution across the back-end servers

B. Terminating, forwarding and (re)encrypting requests, depending on the SSL configuration

C. Password-protecting connections from unauthorized access from outside the network

D. Controlling and logging network connections to SAP systems