P_SECAUTH_21 Exam Questions - Real & Updated Questions PDF [Q23-Q42]

Topic	Details
Topic 1	Authorization Concept for SAP Business Suite Security Monitoring and Security Auditing
Topic 2	Monitor security and troubleshoot security issues using Solution Manager Describe and implement the authorization concept for SAP S 4HANA
Topic 3	Describe the security goals, data privacy goverance Authorization, Security and Scenarios in SAP HANA
Topic 4	Describe and implement security in a SAP NetWeaver Application Server and related infrastructure components Authorization Concept for SAP S 4HANA
Topic 5	Access Governance and Compliance in SAP SAP Cloud Platform Security Secure an SAP System
Topic 6	Describe and implement the authorization concept for SAP Business Suite SAP Netweaver Application Server and Infrastructure Security

QUESTION 23
You want to launch classic SAP GUI transactions directly from the SAP Fiori Launchpad. Which of the following scenarios do you choose?

Chrome, SAP Enterprise Portal, SAP GUI for Java

Chrome, SAP Cloud Platform, SAP GUI for Java

Internet Explorer, ABAP front-end server, SAP GUI for Windows

Internet Explorer, SAP Business Client, SAP GUI for Windows

QUESTION 24
To enable access between tenant databases, what do you need to do in an SAP HANA system for multitenant database containers? Note: there are 3 correct answers to this question.

The bi-directional communication channel must be in the allow list.

The user in the source system must be associated with a user in the target database.

The user in the source system must have sufficient privileges in the target database.

The cross-tenant database communication must be explicitly activated.

The INIFILE ADMIN system privilege must be assigned.

QUESTION 25
For which purpose do you use instance Secure Storage File System (SSFS) in an SAP HANA system? Note: There are 2 correct answers to this question.

To protect the password of the root key backup

To store root keys for data volume encryption

To store the secure single sign-on configuration

To protect the X.509 public key infrastructure certificates

QUESTION 26
You verified the password of the TMSADM user in your SAP landscape to be SAP defaulted. You want to reset this password by using program TMS_UPDATE_PWD_OF_TMSADM. What steps would you take to reset this password?
Note: There are 2 correct answers to this question

Run this program in the Domain Controller (client 000)

Lock TMSADM in all the system/clients including 000

Assign “SAP_ALL” to TMSADM in all systems/clients including 000

Deactivate the SNC opt on

QUESTION 27
Which authorization object is required to support trusted system access by an RFC user following the configuration of a Managed System in SAP Solution Manager?

S_RFCACL

S_ACL_HIST

S_RFC_TT

S_RFC_TTAC

QUESTION 28
Which characteristics apply to the SAP ID Service? Note: There are 2 correct answers to this question

Configurable password policy

Non-configurable MFA for SAP BTP Cockpit

Customizable user interface

User base owned and managed by SAP

QUESTION 29
What benefits does the SAP Cloud Connector have compared to a 3rd partyreverse proxy solution, when connecting your SAP Cloud Platform with your SAP backend systems? Note: There are 2 correct answers to this question.

It establishes an SSL VPN tunnel to SAP Cloud Platform

It allows for remote invocation by the SAP Cloud Platform only

It can cache SAP proprietary OData packets to improve the response times

It supports multiple application protocols, such as HTTP and RFC

QUESTION 30
What can you maintain in transaction SU24 to reduce the overall maintenance in PFCG? Note: There are 3 correct answers to this question.

The default values so they are appropriate for the transactions used in the roles

The authorization objects that are not linked to transact on codes correctly

The default values in the tables USOBX and USOBT

The default authority check settings for the role maintenance tool

The authorization objects that have unacceptable default values

QUESTION 31
How do you check when and by whom profiles were assigned or deleted?

Run report RSUSR008_009_NEW with appropriate filters

Run report RSUSR100 with appropriate filters

Check system trace using transaction ST01

Check security audit log using transact on SM20

QUESTION 32
The security administrator is troubleshooting authorization errors using transaction SU53. While running transaction MM50, the user received the following error.
“You are not authorized to use transaction MM01”
The user’s position in the organization makes it inappropriate for them to have direct access to transaction MM01 because it creates a Segregation of Duties conflict.
How can the security administrator resolve the issue and still provide the user with the needed access to MM50?

Set the check indicator (for the transaction authorization called by the MM01 transaction) to NO, using transaction SE97 for transaction MM50.

Set the check indicator value for object S_TCODE in the SU24 data for transaction MM01 to Do Not Check.

Remove transaction MM01 as a CALLING transaction from table TCDCOUPLES.

Set the value form instance parameter auth/no_check_in_some_cases to N.

QUESTION 33
What does the SAP Security Optimization Service provide? Note: There are 2 correct answers to this question.

Analysis of the security vulnerabilities within an SAP landscape

Results containing the list of patches that have to be applied.

Configuration checks of SAP systems

Analysis of the network configuration

QUESTION 34
Which Object ID is used to integrate Business Rule Framework (BRF+) to Multi Step Multi Process (MSMP) initiator workflow?

Function ID

Application ID

Process ID

Expression ID

QUESTION 35
Which communication protocols are supported by the SAP Cloud Connector? Note: There are 2 correct answers to this question

NNTP

LDAP

SNA

RFC

QUESTION 36
You want to check the custom ABAP codes in your system for security vulnerabilities and you want to use the SAP Code Vulnerability Analyzer to carry out these extended security checks. What need to be done for this purpose? Note: There are 2 correct answers to this question

Run SAP Code Vulnerability Analyzer from the ABAP Test Cockpit

Run SAP Code Vulnerability Analyzer from the transaction ST01

Run the transaction ST12 to start the analysis

Run the extended syntax check from the SLIN transaction

QUESTION 37
Where does SAP HANA store the values for the default Password Policy parameter? Note: there are 2 correct answers to this question.

attributes.ini

indexserver.ini

nameservice.ini

global.ini

QUESTION 38
How can you describe the hierarchical relationships between technical entities in the Cloud Foundry?

A global account can have one or many subaccounts

A SaaS tenant acts as one provider account.

A SaaS tenant acts as one Cloud Foundry Organization.

A subscription is a PaaS tenant.

QUESTION 39
Which of the following function can be used to troubleshoot authorization errors for ABAP CDS views with Authorization based on Access Control?

E2E TRACE ANALYSIS

ABAP TRACE

REPORT RSUSR008_009

STAUTHTRACE

QUESTION 40
A system user created a User1 and a schema on the HANA database with some dat a. User2 is developing modelling views and requires access to objects in User1’s schema. What needs to be done?

User1 should grant _SYS_REPO with SELECT WITH GRANT privilege

User2 needs to be granted with the same roles like User1

System user should grant User2 with SELECT privilege to User 1schema

ROLE ADMIN needs to be granted to User2

QUESTION 41
You have implemented CUA in your organization and you only want to compare the company address data between the central system and child systems to perform the synchronization activities. Which transact on do you use for comparing the company address between these systems?

SCUG

SCUM

SUCOMP

SCUC

QUESTION 42
You verified the password of the TMSADM user in your SAP landscape to be SAP defaulted. You want to reset this password by using program TMS_UPDATE_PWD_OF_TMSADM. What steps would you take to reset this password?
Note: There are 2 correct answers to this question

Run this program in the Domain Controller (client 000)

Lock TMSADM in all the system/clients including 000

Assign “SAP_ALL” to TMSADM in all systems/clients including 000

Deactivate the SNC option