Prep Sec fin

Which entities share data with Business Partners in the S/4HANA Business User Concept? Note: There are 2 correct answers to this question. Employer. Administrator. User. Employee.

In SAP S/4HANA Cloud Public Edition, what does the ID of an SAP-predefined Space refer to?. The SAP Fiori applications it was defined for. The software release it was created for. The business roles it is to be assigned to. The business area it was designed for.

When segregating the duties for user and role maintenance, which of the following should be part of a decentralized treble control strategy for a production system? Note: There are 3 correct answers to this question. One decentralized role administrator. One user administrator per application area in the production system. One authorization data administrator. One user administrator per production system. One authorization profile administrator.

Which limitations apply to restricted users in SAP HANA Cloud? Note: There are 3 correct answers to this question. They can only create objects in their own database schema. They only have full SQL access via the SQL console. They can only connect to the database using HTTP/HTTPS. They cannot create objects in the database. They cannot connect via ODBC or JDBC.

What is the correct configuration setting in table PRGN_CUST for user assignments when transporting roles within a Central User Administration scenario?. USER_REL_IMPORT = YES. SET_IMP_LOCK_USERS = NO. SET_IMP_LOCK_USERS = YES. USER_REL_IMPORT = NO.

What can be assigned directly to a user when using the SAP Launchpad service in SAP BTP?. Role collections. Launchpad roles. Launchpad roles. Spaces.

For which of the following can transformation variables be used?. To save data permanently. To save data temporarily. To save data to the output JSON file.

Under which of the following conditions can you merge authorizations for the same object during role maintenance? Note: There are 2 correct answers to this question. The activation status of a manual authorization must match the status of the changed authorizations. The activation status and the maintenance status of the authorizations must NOT match. The maintenance status of the changed authorizations must match the status of a manual authorization. The activation status and the maintenance status of the authorizations must match.

Which of the following rules does SAP recommend you consider when you define a role-naming convention for an SAP S/4HANA on-premise system? Note: There are 3 correct answers to this question. Role names are system language-independent. Role names are system language-dependent. Role names can be no longer than 30 characters. Role names must NOT start with SAP. Role names can be no longer than 20 characters.

In SAP S/4HANA Cloud Public Edition, which of the following can you change in a derived business role if the "Inherit Spaces in Derived Business Roles" checkbox is NOT selected in the leading business role?. Business Catalogs. Business Role Template. Restrictions. Pages.

What authorization object can be used to restrict which users a security administrator is authorized to maintain?. S_USER_GRD. S_USER_SAS. S_USER_AUT. S_USER_GRP.

When performing a comparison from the imparting role, what happens to the organizational level field values in the derived role? Note: There are 2 correct answers to this question. Data for organizational levels is transferred only when authorization data for the derived role is first modified. Data for organizational levels that have already been maintained in the derived role is overwritten. Data for organizational levels is always transferred when authorization data for the derived role is mootied. Data for organizational levels that have already been maintained in the derived role is NOT overwritten.

Which user type in SAP S/4HANA Cloud Public Edition is used for API access, system integration, and scenarios where automated data exchange is required?. SAP Communication User. SAP Administrative User. SAP Technical User. SAP Support User.

Which cryptographic libraries are provided by SAP? Note: There are 2 correct answers to this question. CommonCryptoLib. SAPCRYPTOLIB. Cryptlib. SecLib.

Following an upgrade of your SAP S/4HANA on-premise system to a higher release, you perform a Modification Comparison using SU25. What does this comparison do?. It compares the Role Maintenance data from the current release with the data for the previous release and allows you to adjust any custom detail veces in. It compares your changes to the SAP defaults in USOBX and USOBT with the new SAP defaults in the cument release and allows you to make adjustments. It compares your changes to the SAP defaults in USOBX_C and USOBT_C with the new SAP defaults in the current release and allows you to make aciustne. It compares the Role Maintenance data from the previous release with the data for the cument release and writes any new default values in tables USBOX_C and USER_C.

Which cloud-based SAP solution helps organizations control their data across various cloud platforms and on-premise data sources?. SAP Privacy Governance. Identity Access Governance. SAP Information Steward. SAP Data Custodian.

SAP BTP distinguishes between which of the following users? Note: There are 2 correct answers to this question. Platform users. Key users. Business users. Technical users.

For users with system administration authorization, which additional functions are provided by the SAP Easy Access menu? Note: There are 2 correct answers to this question. Creating roles. Calling menus for roles and assigning them to users. Creating users. Calling programs.

In S/4HANA on-premise, which of the following combinations is required to grant a business user access to data from a Core Data Services (CDS) view using the standard ABAP authorization concept and authorization object S_RS_AUTH?. A CDS role with access conditions based on authorization object S_RS _AUTH. A PFCG role containing the CDS role and access conditions based up authorization object S RS _AUTH. Assignment of the PFCG role to the business user. A PFCG role with authorization for object S_RS_AUTH and assignment of the PFCG role. The CDS role to the business user.

Which code does the authority-check return when a user does NOT have any authorizations for the authorization object checked?. 16. 4. 0. 12.

In the SAP BTP Cockpit, at which level is Trust Configuration available? Note: There are 2 correct answers to this question. Global Account. Organization. Subaccount. Directory.

When planning an authorization concept for your SAP S/4HANA Cloud Public Edition implementation, what rules must you consider? Note: There are 2 correct answers to this question. Business catalogs can be assigned directly to a business user. Business roles can be assigned directly to a business user. Business catalogs can be assigned directly to a business role. SAP Fiori apps, dashboards, and displays can be assigned directly to a business role.

Which optional components can be included when transporting a role definition from the development system to the quality assurance system? Note: There are 3 correct answers to this question. Personalization data. Direct user assignments. Generated profiles of single roles. Indirect user assignments. Generated profiles of dependent roles.

After you maintained authorization object S_TABU_DIS and ACTVT field value 02 as authorization defaults for transaction SM30 in your development system, what would be the correct option for transporting only these changes to your quality assurance system?. Save your changes to a Workbench transport request and transport using the Transport Management System. Save your changes and use the transport interface in SU25 to transport the changes using the Transport Management System. Save tables USOBT_C and USOBX_C to a transport request and transport using the Transport Managenert System. Save your changes to a Customizing transport request and transport using the Transport Management System.

Which application in SAP S/4HANA Cloud Public Edition allows you to upload employee information independent of the customers' HR system?. Maintain Business User app. Identity and Access Management app. Manage Workforce app. Display Technical Users app.

What authorization object can be used to authorize an administrator to create specific authorizations in roles?. S_USER_AUT. S_USER_TCD. S_USER_AGR. S_USER_VAL.

Which solution analyzes an SAP system's administrative areas to safeguard against potential threats?. SAP EarlyWatch Alert. SAP Security Optimization Services. SAP Code Vulnerability Analyzer. SAP Enterprise Threat Detection.

To connect to data sources that are NOT all based on OData, which of the following options does SAP recommend you use?. Cloud connector. SAP Integration Suite. SAP Process Integration. OData Provisioning service.

You are building a PFCG role for access to an SAP Fiori app on your SAP S/4HANA on-premise system. After you enter the catalog in the role menu, an entry for an OData service is missing and you have to add it manually to the role menu. When you maintain authorization data in the PFCG role, why does SAP recommend that you NOT maintain the SRV_NAME field value of the S_SERVICE authorization object manually?. Because the TADIR Service name for the back-end server component was automatically added to the role menus. Because the SRV_NAME hash value for the front-end server component and back-end server component are the same. Because the SRV_NAME hash value for the front-end server component and back-end server component are different. Because the TADIR Service name is the same for the front-end server component and the back-end server component.

Which privilege types are available in SAP HANA Cloud? Note: There are 3 correct answers to this question. Analytic. Application. System. Package. Object.

Which of the following allow you to control the assignment of table authorization groups? Note: There are 2 correct answers to this question. PRGN_CUST. V_BRG_54. V_DDAT_54. SSM_CUST.

In which order do you define the security-relevant objects in SAP BTP?. A- Role Collection. B- Role Template. C- Role. Role Template, Role, Role Collection.

Which functions in SAP Access Control can be used to approve or reject a user's continued access to specific security roles? Note: There are 2 correct answers to this question. Role Reaffirm. Role Certification. SOD Review. User Access Review.

Which of the following are Security Goals? Note: There are 2 correct answers to this question. Information Integrity. Repudiation. Identity Authentication. Encryption.

Which protocol is the industry standard for provisioning identity and access management in hybrid landscapes?. OIDC. SAML. SSL. SCIM.

Which levels of security protection are provided by Secure Network Communication (SNC)? Note: There are 3 correct answers to this question. Integrity. Authentication. Privacy. Authorization. Availability.

How does Rapid Activation support customers during the SAP S/4HANA on-premise implementation process? Note: There are 3 correct answers to this question. By supporting content activation at the business role level, including SAP Fiori apps and all associated Web Dynpro for ABAP applications. By helping customers to start exploring SAP Fiori in SAP S/HANA on premises as quickly as possible. By allowing customers to select individual SAP Fiori apps for their end-to-end business processes. By reducing the SAP Fiori activation effort during the Explore phase of SAP Activate. By allowing customers to select and activate SAP Fiori apps one by one, independent of dependencies needed for agoto-aço revision.

Which archiving objects are relevant for archiving change documents for user master records? Note: There are 2 correct answers to this question. US_USER. US_AUTH. US_PASS. US_PROF.

What does SAP recommend you do when you transport a custom leading business role in SAP S/4HANA Cloud Public Edition?. Add all derived business roles as dependencies to the Software Collection. Add all other leading business roles from the same Line of Business as dependencies to the Software Collection. Add the pre-delivered business role that was used as a template to create the custom leading business role to the Schwart Collecion.

Which authorization objects can be used to restrict access to SAP Enterprise Search models in the SAP Fiori launchpad? Note: There are 2 correct answers to this question. SDDLVIEW. RSDDLTIP. J S_ESH_ADM. S_ESH_CONN.

What does SAP Key Management Service (KMS) do to secure cryptographic keys? Note: There are 3 correct answers to this question. Generate keys. Conceal keys. Transmit keys. Store keys. Rotate keys.

What are some security safeguards categories? Note: There are 3 correct answers to this question. Technical. Organizational. Physical. Access Control. Financial.

What is the authorization object required to define the start authorization for an SAP Fiori legacy Web Dynpro application?. S_SERVICE. S_START. S_TCODE. S_SDSAUTH.

What must you do if you want to enforce an additional authorization check when a user starts an SAP transaction?. Assign the authorization object to be checked to the chosen transaction code with transaction SU24 and vel Delault Status to "Yes. Assign authorization object S_START to the chosen transaction code with transaction SU24 and spechy the Program ID ard Copa Tys. Assign the authorization object to be checked to the chosen transaction code in the SAP Default authorization data using transaction SU22 and set check Indicator. Assign the authorization object and permissions to the chosen transaction code using transaction SE93.

Which SU01 user types are NOT enabled for interaction? Note: There are 2 correct answers to this question. System. Communications. Dialog. Service.

Which of the blowing functions within SAP GRC Access Control support access certification and review? Note: There are 2 correct answers to this Question. Role Review. SOD Review. User/ GO. Review CI User Reaffirm.

Which SAP Fiori deployment option requires the Cloud connector?. SAP Business Technology Platform. SAP S/4HANA embedded. SAP Fiori for SAP S/4HANA standalone front-end server. SAP S/4HANA Cloud Public Edition.

Which solution analyzes an SAP system's administrative areas to safeguard against potential threats?. SAP Security Notes. SAP EarlyWatch Alert. SAP Code Vulnerability Analyzer. SAP Security Optimization Service.

What are some disadvantages of a Composite Role? Note: There are 2 correct answers to this question. Menus from the included roles cannot be mixed. Transactions that are deleted from the Composite Role menu are also removed from the included roles. Changes to the included roles are not immediately visible in the composite role menu, requiring a renewed import. Changes to the authorizations can only be made using the included roles.

If you want to evaluate catalog menu entries and authorization default values of IWSG and IWSV applications, which SUIM reports would you use? Note: There are 2 correct answers to this question. Search Startable Applications in Roles. Roles By Authorization Object. Search Applications in Roles. Roles By Transaction Assignment in Menu.

Where can you find SAP Fiori tiles and target mappings according to segregation of duty?. Assigned Pages. Assigned Technical Catalogs. Assigned Business Catalogs. Assigned Spaces.

In SAP HANA Cloud, who has access to a database object?. The owner and the SAP-owned users. The user DBADMIN and the group owner. The creator and the schema owner. The user SYSTEM and the creator.

What use cases are available for a Local Identity Directory? Note: There are 3 correct answers to this question. Merging attributes. S/4HANA use case. Classic use case. Proxy mode. Hybrid mode.

Which optional components can be included when transporting a role definition from the development system to the quality assurance system? Note: There are 3 correct answers to this question. Personalization data. Generated profiles of dependent roles. Direct user assignments. Indirect user assignments. Generated profiles of single roles.

Your developer has created a new custom transaction for your SAP S/AHANA on-premise system and has provides you a lot of the storages te What must you do to ensure that each required authorization is automatically created every time this new custom transaction is access to a PFCG. Maintain each authorization in transaction SU24 and set the Default Status to "Yes*. Maintain each authorization object in transaction SU24 and set the Default Status to "Yes*. Maintain each authorization object in transaction SU22 and set the Default Status to "Yes". Maintain each authorization in transaction SU22 and set the Check Indicator value to "Check'.

Which tool can you use to modify the entities schema content across multiple repositories?. SAP Cloud Identity Services Schemas app. SAP BTP Account Explorer. SAP Business Application Studio. SAP Cloud Identity Services Transformation Editor.

When creating PFCG roles for SAP Fiori access, what is included automatically when adding a catalog to the menu of a back-end PFCG role? Note: There are 2 correct answers to this question. The IWSG TADIR service definitions from the catalog. The start authorizations and the authorization default values for each IWSG TADIR service definitions in the catalog. The start authorizations and the authorization default values for each IWSV TADIR service definitions in the catalog. The IWSV TADIR service definitions from the catalog.

Where can you find information on the SAP-delivered default authorization object and value assignments? Note: There are 2 correct answers to this question. USOBT. SU22. USOBT_C. SU24.

In SAP HANA Cloud, what can you configure in user groups? Note: There are 2 correct answers to this question. Authorization privileges. Identity providers. Client connect restrictions. Password policy settings.

Which of the following user types are excluded from some general password-related rules, such as password validity or initial password? Note: There are 2 correct answers to this question. System. Communication. Service. Dialog.

What do you configure the Social Media deny providers?. In the administration console for SAP Cloud Identity Services. In the SAP BTP Cockpit Account Explorer. In the code editor of the SAP Business Application Studio.

What are some of the rules for SAP-developed roles in SAP S/4HANA Cloud Public Edition? Note: There are 3 correct answers to this question. Authorization defaults define role authorizations. Role maintenance reads applications from role menus. Catalogs are assigned to role menus. Manual role authorizations are supported in custom catalogs. Role maintenance reads applications from a catalog.

When you maintain authorizations for SAPUI5 Fiori apps, which of the following object types is the front-end authorization object type?. TADIR G4BA - SAP Gateway Odata V4 Backend Service Group & Assignments. TADIR IWSV - SAP Gateway Business Suite Enablement-Service. TADIR IWSG - SAP Gateway: Service Groups Metadata. TADIR INA1 - InA Service.

Which of the following are SAP Fiori Launchpad functionalities? Note: There are 2 correct answers to this question. User Actions Menu. Spaces. Web Dynpro. SAP GUI.

In the administration console of the Cloud Identity Services, which system property types can you add? Note: There are 2 correct answers to this question. Credential. Internal. Default. Standard.

Which of the following is part of the SAP S/4HANA central UI component?. SAP Fiori launchpad. SAP Fiori analytical application. SAP Fiori transactional application. SAP Fiori object page.

An authorization based on what object is required for trusted system access to an SAP Fiori back-end server?. OS_REC. S_RFCACL. S_SERVICE. S_START.

In the administration console of the Cloud Identity Services, which authentication providers are available? Note: There are 2 correct answers to this question. Ariba. Fieldglass. Successfactors. Concur.

What is required to centrally administer a user's master record using Central User Administration? Note: There are 3 correct answers to this question. An ALE distribution model. An entry in transaction BD54 for the child system. An RFC destination to the target system. An RFC destination to the target client. An existing master record in the target client for the user.

Which log types are available in the Administration Console of Cloud Identity Services? Note: There are 2 correct answers to this question. Troubleshooting logs. Performance logs. Change logs. Usage logs.

Which of the following services does the Identity Authentication Service provide? Note: There are 2 correct answers to this question. Authentication. Central User Repository. Policy refinement. Single Sign-On.

Which access categories are available to maintain restrictions in SAP S/4HANA Cloud Public Edition? Note: There are 3 correct answers to this question. Value Help (value help access). Write, Read, Value Help (write access). Read, Value Help (read access). Read (read access). Write, Read (write access).

Detection during the aggregation process? Note: There are 3 correct answers to this question. It is prioritized. It is categorized. It is normalized. It is enriched. It is pseudonymized.

What does a status text value of "Old" mean during the maintenance of authorizations for an existing role?. The field delivered with content was changed but the old value was retained. Field values were changed as a result of the merge process. Field values were unchanged and no new authorization was added. Field values have not been changed.

You are evaluating startable applications. Which of the following can you use to check if there is an application start lock on an application contained in a PFCG role? Note: There are 2 correct answers to this question. Transaction SMO1_CUS. Transaction SUIM - Transactions Executable with Profile report. Transaction SUIM - Executable Transactions report. Transaction SMO1_DEV.

In SAP S/4HANA Cloud Public Edition, what can you do with the Display Authorization Trace? Note: There are 3 correct answers to this question. Analyze authorization check results for already assigned authorizations. Display business roles granting specific access. Analyze authorization check results for missing authorizations. Adjust role restrictions to further limit access when performing forensic analysis. Adjust role restrictions to account for missing authorizations.

In the administration console of the Cloud Identity Services, for which system type can you define both read and wite transformations?. Proxy systems. Target systems. Source systems.

What must you do before you can use transaction PFCG? Note: There are 2 correct answers to this question. Set the system profile parameter auth/no_check_in_some_cases to. Fill tables USOBT_C and USOBX_C with the SAP-delivered authorization default values. Set the system profile parameter auth/no_check_in_some_cases to Y. Fill tables USOBT and USOBX with the SAP-delivered authorization default values.

Which object type is assigned to activated OData services in transaction SU24?. IWSV. IWSG. G4BA. HTTP.

Which cybersecurity type does NOT focus on protecting connected devices?. loT security. Network security. Cloud security. Application security.