• Home
  • Articles
  • [Feb-2024] P-SECAUTH-21 PDF Dumps Are Helpful To produce Your Dreams Correct QA's [Q35-Q54]

[Feb-2024] P-SECAUTH-21 PDF Dumps Are Helpful To produce Your Dreams Correct QA's [Q35-Q54]

Share

[Feb-2024] P-SECAUTH-21 PDF Dumps Are Helpful To produce Your Dreams Correct QA's

New P-SECAUTH-21 exam Free Sample Questions to Practice

NEW QUESTION # 35
Which tasks would you perform to allow increased security for the SAP Web Dispatcher Web Administration interface? Note: There are 2 correct answers to this question.

  • A. Use subparameter ALLOWPUB = FALSE of the profile parameter icm/server_port_<xx>
  • B. Use a separate port for the content
  • C. Use access restrictions with the icm/HTTP/auth_<xx> profile parameter
  • D. Use Secure Socket Layer (SSL) for password encrypt on

Answer: A,B


NEW QUESTION # 36
An end user has indicated that they are getting an authorization error when attempting to call a Transaction Code (TCD). However, the TCD exists in their User Menu. What could be the issue and where would you check?

  • A. This user is blocked from calling the TCD; check in SM01 .
  • B. An entry in table USRBF prevents them from calling the TCD; check in SE1 6
  • C. Additional authorization checks are required for the TC; check in SE93.
  • D. The TCD is assigned to the user via multiple roles; check in PFCG.

Answer: C

Explanation:
Explanation
This could be the issue that causes the end user to get an authorization error when attempting to call a Transaction Code (TCD) that exists in their User Menu. SE93 is a transaction that allows you to create and maintain transaction codes and their properties. One of the properties is the authorization check, which determines whether additional authorization objects are checked when a transaction code is executed. If the authorization check for a transaction code is set to Yes, the user needs to have the corresponding authorization objects in their role or profile, otherwise they will get an error message. References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/48/9e2e3f6f8e41e8a283aaf2ad2c64c4/content.htm?n


NEW QUESTION # 37
Which features does SAProuter provide?
Note: There are 2 correct answers to this question

  • A. Filtered and logged network connections
  • B. Load-balanced RFC connections
  • C. Password-protected connections
  • D. HTTP conversion into HTTPS connections

Answer: A,C


NEW QUESTION # 38
Based on your company guidelines you have set the password expiration to 60 days. Unfortunately, there is an RFC user in your SAP system who must not have a password change for 180 days. Which option would you recommend to accomplish such a request?

  • A. Create an enhancement spot or user exit
  • B. Create a security policy via SECPOL and assign it to the RFC user
  • C. Define the RFC user as a reference user
  • D. Change the profile parameter login/password_expiration_time to 180

Answer: B


NEW QUESTION # 39
SNC is configured in the production system. For emergency purposes, you want to allow certain accounts to be able to access the system with password logon. What do you need to set up for this purpose? Note: There are 2 correct answers to this question.

  • A. Use profile parameter SNC/ONLY_ENCRYPTED_GUI with value 'O'
  • B. Maintain the user access control list in table USRACLEXT
  • C. Use profile parameter SNC/ACCEPT_ INSECURE_GUI with value 'U'
  • D. Use the 'Unsecure communication permitted option' In SU01 for specific users

Answer: C,D


NEW QUESTION # 40
How can you protect a table containing sensitive data using the authorization object S_TABU_DIS?

  • A. The tables containing sensitive data must be named using the authorization object S_TABU_NAM for all responsible administrators. The DICBERCLS fields of the S_TABU_DIS object can then be filled with *.
  • B. Authorization table groups containing tables with sensitive data must be defined in the TDDAT table and these must be omitted for anyone who does not need access to these tables.
  • C. The DICBERCLS field of the authorization object must enumerate all table names of the tables containing sensitive data.
  • D. The tables containing sensitive data must be associated with table groups in the TBRG table.

Answer: A

Explanation:
Explanation
This is one of the ways that you can protect a table containing sensitive data using the authorization object S_TABU_DIS. S_TABU_DIS is an authorization object that controls access to tables based on authorization groups, which are groups of tables that share the same access restrictions. The DICBERCLS field of this authorization object contains the name of the authorization group for a table or a range of tables. To protect a table containing sensitive data using this authorization object, you must assign it to an authorization group and enumerate all table names of the tables containing sensitive data in the DICBERCLS field. References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?


NEW QUESTION # 41
You are evaluating the "Cross-client object change" option using transact on SCC4 for your Unit Test Client in the development environment. Which setting do you recommend?

  • A. No changes to repository objects
  • B. Changes to repository and cross-client customizing allowed
  • C. No changes to cross-client customizing objects
  • D. No changes to repository and cross-client customizing objects

Answer: D


NEW QUESTION # 42
How would you control access to ABAP RFC function modules? Note: There are 2 correct answers to this question.

  • A. Deactivate switchable authorization checks
  • B. Restrict RFC authorizations
  • C. Implement UCON functionality
  • D. Block RFC Callback Whitelists

Answer: B,C

Explanation:
Explanation
These are some of the functions that can be used to control access to ABAP RFC function modules in an SAP system. RFC (Remote Function Call) is a protocol that enables communication and data exchange between SAP systems and components using function modules. ABAP RFC function modules are function modules that are written in ABAP language and can be called remotely by other systems or components. UCON (Unified Connectivity) is a feature that allows you to monitor and restrict RFC calls based on various criteria, such as source system, target system, user, or function module. RFC authorizations are authorizations that control access to RFC function modules based on authorization objects, such as S_RFC or S_RFCACL.
References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/48/9e2e3f6f8e41e8a283aaf2ad2c64c4/content.htm?n


NEW QUESTION # 43
The security administrator is troubleshooting authorization errors using transaction SU53. While running transaction MM50, the user received the following error.
"You are not authorized to use transaction MM01"
The user's position in the organization makes it inappropriate for them to have direct access to transaction MM01 because it creates a Segregation of Duties conflict.
How can the security administrator resolve the issue and still provide the user with the needed access to MM50?

  • A. Set the check indicator (for the transaction authorization called by the MM01 transaction) to NO, using transaction SE97 for transaction MM50.
  • B. Set the check indicator value for object S_TCODE in the SU24 data for transaction MM01 to Do Not Check.
  • C. Remove transaction MM01 as a CALLING transaction from table TCDCOUPLES.
  • D. Set the value form instance parameter auth/no_check_in_some_cases to N.

Answer: A


NEW QUESTION # 44
What are main characteristics of the Logon ticket throughout an SSO logon procedure? Note: There are 2 correct answers to this question

  • A. The Logon ticket is sued for user-to-system communication
  • B. The Logon ticket is always set to client 000
  • C. The Logon ticket is not domain restricted
  • D. The Logon ticket session is held in the working memory

Answer: A,C


NEW QUESTION # 45
How can you register an SAP Gateway service? Note: There are 2 correct answers to this question.

  • A. Use transaction SEGW on the back-end server
  • B. Use transaction /IWFND/MA INT_SERVICE on the front-end server
  • C. Use SAP_GAT EWAY_BASIC_CONFIG in transact on STCO 1 on the frontend server
  • D. Use SAP_GAT EWAY_ACTIVATE_ODATA_SERV in transact on STC01 on the front-end server

Answer: A,B


NEW QUESTION # 46
What does the SAP Security Optimization Service provide? Note: There are 2 correct answers to this question.

  • A. Configuration check of the SAP systems and the SAP middleware components against defined configurations
  • B. Results with recommendations on how to resolve identified vulnerabilities without prioritization
  • C. Analysis of security vulnerabilities within an enterprise's SAP landscape to ensure optimal protection against intrusions
  • D. Analysis of your operating system, database, and entire SAP system to ensure optimal performance and reliability

Answer: A,C


NEW QUESTION # 47
Which platform services are available in the Cloud Foundry? Note: There are 2 correct answers to this question

  • A. Commerce
  • B. Analytics
  • C. Data Quality
  • D. Integration

Answer: B,D


NEW QUESTION # 48
You have delimited a single role that is part of a composite role, and a user comparison for the composite role has been performed. You notice that the comparison did NOT remove the profile assignments for that single role. What program would you run to resolve this situation?

  • A. PRGN_COMPARE_ROLE_MENU
  • B. PRGN_DELETE_ACTIVITY_GROUPS
  • C. PRGN_MERGE_PREVIEW
  • D. PRGN_COMPRESS_TIMES

Answer: B

Explanation:
Explanation
This is one of the programs that you would run to resolve this situation of not removing profile assignments for a single role after delimiting it and performing user comparison for its composite role. A single role is a role that contains authorizations for one application area or function. A composite role is a role that contains other roles as sub-roles without any authorizations by itself. A user comparison is a process that synchronizes user master records with role assignments and profile assignments in PFCG transaction.
PRGN_DELETE_ACTIVITY_GROUPS is a program that deletes single roles or composite roles from user master records along with their profile assignments. References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?


NEW QUESTION # 49
You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub). What transactions do you have to use to map a back-end system to one of those roles?

  • A. SEGW
  • B. /IWFND/MAINT_SERVICE
  • C. PFCG
  • D. /UI2/GW_SYS_ALIAS

Answer: B


NEW QUESTION # 50
Which of the 7 core principles of the General Data Privacy Regulation (GDPR) requires thorough documentation of all policies and controls that govern the collection and processing of data?

  • A. Integrity and Confidentiality
  • B. Accuracy
  • C. Accountability
  • D. Lawfulness, Fairness and Transparency

Answer: C


NEW QUESTION # 51
SNC is configured in the production system. For emergency purposes, you want to allow certain accounts to be able to access the system with password logon. What do you need to set up for this purpose? Note: There are 2 correct answers to this question.

  • A. Use 'Unsecure communication permitted' in SU01
  • B. Maintain the user access control list in table USRACLEXT
  • C. Use the profile parameter snc/accept_insecure_gui with value 'U'
  • D. Use the profile parameter snc/only_encrypted_gui with value '0'

Answer: A,D

Explanation:
Explanation
These are some of the things that you need to set up for this purpose of allowing certain accounts to be able to access the system with password logon even when SNC is configured in the production system. SNC (Secure Network Communication) is a feature that enables secure and encrypted communication between SAP systems and components using certificates and keys. SU01 is a transaction that allows you to create and maintain user master records and their properties. One of the properties is the 'Unsecure communication permitted' flag, which determines whether a user can log on to the system without SNC protection. The profile parameter snc/only_encrypted_gui is a parameter that controls whether only SNC-protected connections are allowed from SAP GUI clients. If the parameter is set to '0', both SNC-protected and unprotected connections are allowed. References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?


NEW QUESTION # 52
What is the User Management Engine (UME) property "connect on pooling" used for? Note: There are 2 correct answers to this question.

  • A. To share server resources among requesting LDAP clients
  • B. To avoid unauthorized request to the LDAP directory server
  • C. To create a new connect on to the LDAP directory server for each request
  • D. To improve performance of requests to the LDAP directory server

Answer: A,D


NEW QUESTION # 53
You want to check the custom ABAP codes in your system for security vulnerabilities and you want to use the SAP Code Vulnerability Analyzer to carry out these extended security checks. What need to be done for this purpose? Note: There are 2 correct answers to this question

  • A. Run the extended syntax check from the SLIN transaction
  • B. Run the transaction ST12 to start the analysis
  • C. Run SAP Code Vulnerability Analyzer from the transaction ST01
  • D. Run SAP Code Vulnerability Analyzer from the ABAP Test Cockpit

Answer: A,D


NEW QUESTION # 54
......

Cover P-SECAUTH-21 Exam Questions Make Sure You 100% Pass: https://certkiller.passleader.top/SAP/P-SECAUTH-21-exam-braindumps.html

Related Articles

more
SAP P-SECAUTH-21 Certification Practice Exam