SECAUTH 7.0

When re-configuring the user management engine (UME) of an AS Java system, what do you need to consider to change the data source from system database to an ABAP successfully?. The ogon security policy for the existing uer is assigned with the logon security policy in the ABAP system. All users and groups in the system database must have different IDs than existing users and groups in the ABAP system. The UME configuration file dataSourceConfiguration_databse_only.xml is automatically updated with an appropriate dataSourceConfiguration_abap.xml file. You need to import users from the system database into the ABAP system.

SAP GRC Access Control provides risk analysis for which of the following? Note: There are 2 correct answers to this question. Business Role Management. Access Request Management. Business Rule Framework. Password Self-Service.

Based on your company guidelines you have set the password expiration to 60 days. Unfortunately, there is an RFC user in your SAP system who must not have a password change for 180 days. Which option would you recommend to accomplish such a request?. Define the RFC user as a reference user. Change the profile parameter login/password_expiration_time to 180. Create a security policy via SECPOL and assign it to the RFC user. Create an enhancement spot or user exit.

For which reasons would you choose an “anonymous SSL Client PSE” setup? Note: There are 2 correct answers to this question. To use as a container for the Cas. To perform mutual authentication. To use data encryption. To perform authentication.

Which tasks would you perform to allow increased security for the SAP Web Dispatcher Web Administration Interface? Note: There are 2 correct answers to this question. Use a separate port for the administration interface. Use access restrictions to the icm/HTTP/auth_<xx> profile parameter. Use subparameter ALLOWPUB = TRUE of the profile parameter icm/server_port_<xx>. Use Secure Socket Layer (SSL) for encrypted access.

You want to configure SNC in a newly-installed AS ABAP based SAP system. Besides running SNCWIZARD, what else do you need to perform for this scenario? Note: There are 2 correct answers to this question. Enable encrypted HTTP service. Set the parameters using sapgenpse. Retsart the SAP system. Manage the PSE.

What is the purpose of the parameter rec/client in an AS ABAP based SAP system?. To log changes in tables. To generate changes in documents. To generate source code versions. To log changes in Core Data Services views.

What are main characteristics of the Logon ticket throughout an SSO logon procedure? Note: There are 2 correct answers to this question. The Logon ticket session is held in the working memory. The Logon ticket is sued for user-to-system communication. The Logon ticket is not domain restricted. The Logon ticket is always set to client 000.

Which measures should we implement to protect the PSEs? Note: There are 2 correct answers to this question. Restrict access to the opposing system users. Encyrpt the files with the transaction SNC0. Review the usage of the S_DATASET object. Review the usage of the S_ADMI_FCD object.

What are the characteristics of HTTP security session management? Note: There are 3 correct answers to this question. Checks the logon credentials again for every request. Deletes security sessions at logoff. Starts security sessions with a short user-based expiration time. Refers to the session context through the session identifier. Creates security sessions at logon.

You are using the SAP Web Dispatcher for load-balancing purposes. Which actions are performed by the SAP Web Dispatcher in this scenario? Note: There are 2 correct answers to this question. Validates the user credentials. Decrypts the HTTPS request and then selects the server. Uses logon groups to determine how to direct requests. Checks the current state of the message server.

You want to allow yout trainee colleagues to use the SAP GUI to connect directly to your SAP S/4HANA (on-premise) demo system form a public internet connection Which of the following SAP solutions is suited for this purpose?. SAP Cloud Connector. SAPProuter. SAP NetWeaver Gateway. SAP Web Dispatcher.

SNC is configured in the production system. For emergency purposes, you want to allow certain accounts to be able to access the system with password logon. What do you need to set up for this purpose? Note: There are 2 correct answers to this question. Use ‘Unsecure communication permitted’ in SU01. Maintain the user access control list in table USRACLEXT. Use the profile parameter snc/accept_insecure_gui with value ‘U’. Use the profile parameter snc/only_encrypted_gui with value ‘0’.

How are assertion tickets used?. They are used for system-to-system encryption. They are used for encrypting Web service communication. They are used for user-to-system trusted login. They are used for system-to-system communication.

You haver created an RFC destination with a registered external RFC server program. When you try to connect to the external RFC destination you receive a “SERVER_NOT_REGISTERED” error message. Note: There are 2 correct answers to this question How can you resolve the issue?. Maintain the access list in the transaction SMMS. Maintain the entries in the REGINFO file. Maintain the entries in the SECINFO file. Maintain the profile parameter gw/acl_mode = 0.

Which features does SAProuter provide? Note: There are 2 correct answers to this question. Filtered and logged network connections. HTTP conversion into HTTPS connections. Password-protected connections. Load-balanced RFC connections.

What are the key capabilities of Enterprise Threat Detection? Note: There are 2 correct answers to this question. Dashboard-based analysis for security risks. Real time capture of abnormal user activities. Predictive threat notification. Blocking user access.

How does the SAP SSO wizard (transaction SNCWIZARD) simplify the SNC configuration process?. It set the profile parameters for SAP SNC in the default profile. It creates the SNC_LIB environment variable in OS user profile. It sets the profile parameter for SAP SNC in the instance profile. It restarts the SAP application server for all profile changes to take effect.

It restarts the SAP application server for all profile changes to take effect . LDAP. NNTP. SNA. RFC.

How can you describe static and dynamic assignments? Note: There are 2 correct answers to this question. Static assignments occur at runtime. Dynamic assignments are based on scope values. Dynamic assignments are based on attribute values. Static assignments are set up via the Cloud Cockpit.