C_SEC_2425 - Parte 2

Which tool can you use to modify the entities schema content across multiple repositories?. SAP Business Application Studio. SAP BTP Account Explorer. SAP Cloud Identity Services Transformation Editor. SAP Cloud Identity Services Schemas app.

Following an upgrade of your SAP S/4HANA on-premise system to a higher release, you perform a Modification Comparison using SU25. What does this comparison do?. It compares your changes to the SAP defaults in USOBX and USOBT with the new SAP defaults in the current release and allows you to make adjustments. It compares the Role Maintenance data from the current release with the data for the previous release and allows you to adjust any custom default values in tables USOBX and USOBT. It compares the Role Maintenance data from the previous release with the data for the current release and writes any new default values in tables USOBX_C and USOBT_C. It compares your changes to the SAP defaults in USOBX_C and USOBT_C with the new SAP defaults in the current release and allows you to make adjustments.

Which of the following allow you to control the assignment of table authorization groups? Note: There are 2 correct answers to this question. PRGN_CUST. V_DDAT_54. V_BRG_54. SSM_CUST.

Which limitations apply to restricted users in SAP HANA Cloud? Note: There are 3 correct answers to this question. They can only create objects in their own database schema. They can only connect to the database using HTTP/HTTPS. They only have full SQL access via the SQL console. They cannot connect via ODBC or JDBC. They cannot create objects in the database.

When performing a comparison from the imparting role, what happens to the organizational level field values in the derived role? Note: There are 2 correct answers to this question. Data for organizational levels is always transferred when authorization data for the derived role is modified. Data for organizational levels that have already been maintained in the derived role is NOT overwritten. Data for organizational levels is transferred only when authorization data for the derived role is first modified. Data for organizational levels that have already been maintained in the derived role is overwritten.

What authorization object can be used to restrict which users a security administrator is authorized to maintain?. S_USER_GRD. S_USER_AUTO. S_USER_SASO. S_USER_GRP.

In SAP HANA Cloud, who has access to a database object?. The user DBADMIN and the group owner. The user SYSTEM and the creator. The owner and the SAP-owned users. The creator and the schema owner.

What does a status text value of "Old" mean during the maintenance of authorizations for an existing role?. Field values have not been changed. Field values were unchanged and no new authorization was added. Field values were changed as a result of the merge process. The field delivered with content was changed but the old value was retained.

What must you do before you can use transaction PFCG? Note: There are 2 correct answers to this question. Fill tables USOBT and USOBX with the SAP-delivered authorization default values. Set the system profile parameter auth/no_check_in_some_cases to Y. Fill tables USOBT_C and USOBX_C with the SAP-delivered authorization default values. Set the system profile parameter auth/no_check_in_some_cases to N.

Your developer has created a new custom transaction for your SAP S/4HANA on-premise system and has provided you a list of the authorizations needed to execute the new ABAP program."What must you do to ensure that each required authorization is automatically created every time this new custom transaction is added to a PFCG role?. Maintain each authorization object in transaction SU24 and set the Default Status to "Yes". Maintain each authorization object in transaction SU22 and set the Default Status to "Yes". Maintain each authorization in transaction SU24 and set the Default Status to "Yes". Maintain each authorization in transaction SU22 and set the Check Indicator value to "Check".

What must you do if you want to enforce an additional authorization check when a user starts an SAP transaction?. Assign authorization object S_START to the chosen transaction code with transaction SU24 and specify the Program ID and Object Type. Assign the authorization object to be checked to the chosen transaction code in the SAP Default authorization data using transaction SU22 and set Check Indicator to "Check". Assign the authorization object to be checked to the chosen transaction code with transaction SU24 and set Default Status to "Yes". Assign the authorization object and permissions to the chosen transaction code using transaction SE93.

Which of the following rules does SAP recommend you consider when you define a role-naming convention for an SAP S/4HANA on-premise system?Note: There are 3 correct answers to this question. Role names must NOT start with "SAP". Role names are system language-independent. Role names can be no longer than 20 characters. Role names are system language-dependent. Role names can be no longer than 30 characters.

Where can you find information on the SAP-delivered default authorization object and value assignments? Note: There are 2 correct answers to this question. USOBT_C. USOBT. SU22. SU24.

After you maintained authorization object S_TABU_DIS and ACTVT field value 02 as authorization defaults for transaction SM30 in your development system, what would be the correct option for transporting only these changes to your quality assurance system?. Save your changes to a Workbench transport request and transport using the Transport Management System. Save your changes to a Customizing transport request and transport using the Transport Management System. Save tables USOBT_C and USOBX_C to a transport request and transport using the Transport Management System. Save your changes and use the transport interface in SU25 to transport the changes using the Transport Management System.

Which optional components can be included when transporting a role definition from the development system to the quality assurance system? Note: There are 3 correct answers to this question. Generated profiles of dependent roles. Indirect user assignments. Personalization data. Generated profiles of single roles. Direct user assignments.

Which privilege types are available in SAP HANA Cloud? Note: There are 3 correct answers to this question. Application. Package. System. Analytic. Object.

Under which of the following conditions can you merge authorizations for the same object during role maintenance? Note: There are 2 correct answers to this question. The maintenance status of the changed authorizations must match the status of a manual authorization. The activation status and the maintenance status of the authorizations must match. The activation status and the maintenance status of the authorizations must NOT match. The activation status of a manual authorization must match the status of the changed authorizations.

What are some disadvantages of a Composite Role? Note: There are 2 correct answers to this question. Changes to the authorizations can only be made using the included roles. Transactions that are deleted from the Composite Role menu are also removed from the included roles. Changes to the included roles are not immediately visible in the composite role menu, requiring a renewed import. Menus from the included roles cannot be mixed.

For users with system administration authorization, which additional functions are provided by the SAP Easy Access menu? Note: There are 2 correct answers to this question. Creating users. Calling programs. Creating roles. Calling menus for roles and assigning them to users.

What authorization object can be used to authorize an administrator to create specific authorizations in roles?. S_USER_AUT. S_USER_VAL. S_USER_AGR. S_USER_TCD.

Which code does the authority-check return when a user does NOT have any authorizations for the authorization object checked?. 12. 16. 0. 4.

Which of the following is part of the SAP S/4HANA central UI component?. SAP Fiori launchpad. SAP Fiori object page. SAP Fiori analytical application. SAP Fiori transactional application.

You are evaluating startable applications. Which of the following can you use to check if there is an application start lock on an application contained in a PFCG role? Note: There are 2 correct answers to this question. Transaction SUIM-Executable Transactions report. Transaction SM01_DEV. Transaction SM01_CUS. . Transaction SUIM - Transactions Executable with Profile report.

When creating PFCG roles for SAP Fiori access, what is included automatically when adding a catalog to the menu of a back-end PFCG role? Note: There are 2 correct answers to this question. The start authorizations and the authorization default values for each IWSG TADIR service definitions in the catalog. The start authorizations and the authorization default values for each IWSV TADIR service definitions in the catalog. The IWSG TADIR service definitions from the catalog. The IWSV TADIR service definitions from the catalog.

Which of the following are SAP Fiori Launchpad functionalities? Note: There are 2 correct answers to this question. Spaces. SAP GUI. Web Dynpro. User Actions Menu.

How does Rapid Activation support customers during the SAP S/4HANA on-premise implementation process? Note: There are 3 correct answers to this question. By helping customers to start exploring SAP Fiori in SAP S/4HANA on premises as quickly as possible. By supporting content activation at the business role level, including SAP Fiori apps and all associated Web Dynpro for ABAP applications. By allowing customers to select individual SAP Fiori apps for their end-to-end business processes. By allowing customers to select and activate SAP Fiori apps one by one, independent of dependencies needed for app-to-app navigation. By reducing the SAP Fiori activation effort during the Explore phase of SAP Activate.

You are building a PFCG role for access to an SAP Fiori app on your SAP S/4HANA on-premise system. After you enter the catalog in the role menu, an entry for an OData service is missing and you have to add it manually to the role menu.When you maintain authorization data in the PFCG role, why does SAP recommend that you NOT maintain the SRV_NAME field value of the S_SERVICE authorization object manually?. Because the TADIR Service name is the same for the front-end server component and the back-end server component. Because the TADIR Service name for the back-end server component was automatically added to the role menu. Because the SRV_NAME hash value for the front-end server component and back-end server component are the same. Because the SRV_NAME hash value for the front-end server component and back-end server omponent are different.