• Home
  • Articles
  • [Aug 19, 2023] Pass P-SECAUTH-21 Review Guide, Reliable P-SECAUTH-21 Test Engine [Q37-Q57]

[Aug 19, 2023] Pass P-SECAUTH-21 Review Guide, Reliable P-SECAUTH-21 Test Engine [Q37-Q57]

Share

[Aug 19, 2023] Pass P-SECAUTH-21 Review Guide, Reliable P-SECAUTH-21 Test Engine

P-SECAUTH-21 Test Engine Practice Test Questions, Exam Dumps


Achieving the P-SECAUTH-21 certification demonstrates a thorough understanding of SAP system security concepts and best practices, and can lead to career advancement opportunities in the field of system security architecture. Additionally, employers can be assured that certified professionals have the knowledge and skills needed to ensure the security and integrity of their SAP systems.

 

NEW QUESTION # 37
What is the User Management Engine (UME) property "connect on pooling" used for? Note: There are 2 correct answers to this question.

  • A. To create a new connect on to the LDAP directory server for each request
  • B. To improve performance of requests to the LDAP directory server
  • C. To avoid unauthorized request to the LDAP directory server
  • D. To share server resources among requesting LDAP clients

Answer: B,D


NEW QUESTION # 38
You verified the password of the TMSADM user in your SAP landscape to be SAP defaulted. You want to reset this password by using program TMS_UPDATE_PWD_OF_TMSADM. What steps would you take to reset this password?
Note: There are 2 correct answers to this question

  • A. Assign "SAP_ALL" to TMSADM in all systems/clients including 000
  • B. Deactivate the SNC opt on
  • C. Run this program in the Domain Controller (client 000)
  • D. Lock TMSADM in all the system/clients including 000

Answer: C,D


NEW QUESTION # 39
SNC is configured in the production system. For emergency purposes, you want to allow certain accounts to be able to access the system with password logon. What do you need to set up for this purpose? Note: There are 2 correct answers to this question.

  • A. Use the 'Unsecure communication permitted option' In SU01 for specific users
  • B. Use profile parameter SNC/ONLY_ENCRYPTED_GUI with value 'O'
  • C. Maintain the user access control list in table USRACLEXT
  • D. Use profile parameter SNC/ACCEPT_ INSECURE_GUI with value 'U'

Answer: A,D


NEW QUESTION # 40
Which communication protocols are supported by the SAP Cloud Connector? Note: There are 2 correct answers to this question.

  • A. SNA
  • B. RFC
  • C. LDAP
  • D. NNTP

Answer: B,C

Explanation:
Explanation
The SAP Cloud Connector supports these communication protocols: LDAP (Lightweight Directory Access Protocol) and RFC (Remote Function Call). LDAP is used to connect to an on-premise directory service, such as Active Directory, and synchronize user data with the cloud identity provider. RFC is used to connect to an on-premise SAP system and enable remote function calls from the cloud applications. References:
https://help.sap.com/viewer/cca91383641e40ffbe03bdc78f00f681/Cloud/en-US/e6c7616abb5710148cfcf3e75d96
https://help.sap.com/viewer/cca91383641e40ffbe03bdc78f00f681/Cloud/en-US/e6c7616abb5710148cfcf3e75d96


NEW QUESTION # 41
Under which group can you find the 'System Recommendations' tile in the Solution Manager launchpad?

  • A. Change Management
  • B. Technical Administration
  • C. Root Cause Analysis
  • D. IT Service Management

Answer: B

Explanation:
Explanation
This is the group under which you can find the 'System Recommendations' tile in the Solution Manager launchpad. The Solution Manager launchpad is a web-based tool that provides access to various applications and functions of SAP Solution Manager, which is a platform for managing SAP solutions and landscapes. The
'System Recommendations' tile is an application that displays recommendations for applying support packages, patches, or notes to your SAP systems based on their current status and configuration. References:
https://help.sap.com/viewer/product/SAP_SOLUTION_MANAGER/en-US


NEW QUESTION # 42
How do you secure the special user "SAP*" in AS ABAP? Note: There are 3 correct answers to this question.

  • A. Lock and expire the user in all clients except 000
  • B. Set profile parameter login/no_automatic_user_sapstar to 1
  • C. Set profile parameter login/no_automatic_user_sapstar to 0
  • D. Lock and expire the user in all clients
  • E. Remove all authorizations from the user

Answer: B,D,E

Explanation:
Explanation
These are some of the tasks that you would perform to secure the special user "SAP*" in AS ABAP. The user
"SAP*" is a default user that can be used to log on to any client with a predefined password if no other users exist or if all users are locked. To prevent unauthorized access using this user, you should remove all authorizations from it, lock and expire it in all clients, and set the profile parameter login/no_automatic_user_sapstar to 1, which disables the automatic logon feature for this user. References:
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_


NEW QUESTION # 43
What is the purpose of the parameter rec/client in an AS ABAP based SAP system?

  • A. To generate source code versions
  • B. To log changes in tables
  • C. To log changes in Core Data Services views
  • D. To generate changes in documents

Answer: B


NEW QUESTION # 44
You are running an SAP HANA database in a multi database container (MDC) mode with a single tenant configured. The global_auditing_state parameter has been set to "true" on the global.ini.After restarting the system and tenant databases, the tenant did not come up. When checking the cause, it was discovered that a tenant configuration parameter has been changed. The audit logging did NOT show any events.What could be the reason for this? Note: There are 2 correct answers to this question.

  • A. The audit level was set to INFO
  • B. The global_auditing_state parameter on the nameserver.ini file needs to be activated
  • C. The configuration parameter was changed from the OS level
  • D. The system was offline when the changes were done

Answer: B,C


NEW QUESTION # 45
When re-configuring the user management engine (UME) of an AS Java system, what do you need to consider to change the data source from system database to an ABAP system successfully?

  • A. The logon security policy for the existing users is aligned with the logon security policy in the ABAP system.
  • B. You must manually replace the UME configuration file dataSourceConfiguration_database_only.xmlwith an appropriate dataSourceConfiguration_abap.xmlfile.
  • C. All users and groups in the system database must have different IDs than existing users and groups in the ABAP system.
  • D. You need to import the users from the system database into the ABAP system.

Answer: C


NEW QUESTION # 46
Which authorization object is required to support trusted system access by an RFC user following the configuration of a Managed System in SAP Solution Manager?

  • A. S_RFC_TTAC
  • B. S_RFCACL
  • C. S_ACL_HIST
  • D. S_RFC_TT

Answer: B

Explanation:
Explanation
Authorization object S_RFCACL is required to support trusted system access by an RFC user following the configuration of a Managed System in SAP Solution Manager. This authorization object allows you to restrict access to RFC calls from trusted systems based on the RFC user name and the name of the calling system.
References:
https://help.sap.com/viewer/bf82e6b26456494cbdd197057c09979f/7.2.10/en-US/4a0c1f51bb571014e10000000a
https://help.sap.com/viewer/bf82e6b26456494cbdd197057c09979f/7.2.10/en-US/4a0c1f51bb571014e10000000a


NEW QUESTION # 47
Which SAP tool provides functions to support Data Destruction, Business Rules Maintenance, and Processing of Audit Areas?

  • A. SAP Information Lifecycle Management
  • B. SAP Data Controller Rule Framework
  • C. SAP Information Retrieval Framework
  • D. SAP Business Rule Framework Plus

Answer: A

Explanation:
Explanation
SAP Information Lifecycle Management (SAP ILM) provides functions to support Data Destruction, Business Rules Maintenance, and Processing of Audit Areas. SAP ILM enables you to manage the retention and destruction of data according to legal and business requirements, as well as to archive and delete data securely and compliantly. References:
https://help.sap.com/viewer/product/SAP_INFORMATION_LIFECYCLE_MANAGEMENT_ILM_/200/en-US
https://help.sap.com/viewer/product/SAP_INFORMATION_LIFECYCLE_MANAGEMENT_ILM_/200/en-US


NEW QUESTION # 48
You have an HR table for which you want to create a role to provide users the ability to display and change its table content based on the country groupings. Which of the steps would you take to accomplish these requirements? Note: There are 2 correct answers to this question.

  • A. Maintain the authorization object S_TABU_NAM
  • B. Create an authorization group with appropriate authorization fields for the table
  • C. Maintain the authorization object S_TABU_LIN
  • D. Define an organization criterion through transaction SPRO

Answer: C,D


NEW QUESTION # 49
To which services package does SAP Security Optimization Services (SOS) belong?

  • A. EarlyWatch Reporting
  • B. Application Integration Optimization
  • C. System Administration Optimization
  • D. Performance Optimization

Answer: C

Explanation:
Explanation
This is one of the services packages that SAP Security Optimization Services (SOS) belongs to. SOS is a service that enables you to assess and improve the security level of your SAP systems and landscapes based on best practices and recommendations from SAP experts. SOS belongs to System Administration Optimization services package, which is a package that provides services for optimizing various aspects of system administration and operation, such as performance, availability, backup, or security. References:
https://support.sap.com/en/security/security-optimization-services.html
https://support.sap.com/en/security/security-optimization-services.html


NEW QUESTION # 50
Where does SAP HANA store the values for the default Password Policy parameter? Note: there are 2 correct answers to this question.

  • A. nameservice.ini
  • B. global.ini
  • C. attributes.ini
  • D. indexserver.ini

Answer: A,D


NEW QUESTION # 51
You are running a 3-tier SAP system landscape. Each time you are accessing STMS_IMPORT on any of these systems, you are prompted for a TMSADM password. How can you stop this prompt from appearing?

  • A. Run the report RSUSR405 on the domain controller.
  • B. Run the report TMS_ UPDATE_PWD_OF_TMSADM on the domain controller.
  • C. Change the TMSA DM user's password directly in the TMS RFC destination in transact on SM59.
  • D. Reset the TMSADM user's password on the system you are trying to access STMS_ IMPORT.

Answer: B


NEW QUESTION # 52
Which tool do you use to customize the SAP HANA default password policy? Note: There are 2 correct answers to this question.

  • A. SAP Web IDE
  • B. SAP HANA Studio
  • C. SAP HANA Lifecycle Manager
  • D. SAP HANA Cockpit

Answer: A,B


NEW QUESTION # 53
How can you protect a table containing sensitive data using the authorization object S_TABU_DIS?

  • A. The field DICBERCLS of the authorization object must enumerate all table names of the tables containing sensitive data.
  • B. The tables containing sensitive data must be associated with table groups in table TBRG.
  • C. Authorization table groups containing tables with sensitive data must be defined in table TDDAT and these must be omitted for all employees who do not need access to these tables
  • D. The tables containing sensitive data must be named using the authorization object S_TA BU_NAM for all responsible administrator employees. The fields DICBERCLS of the object S_TABU_DIS can

Answer: C

Explanation:
then be filled with *.


NEW QUESTION # 54
How is the role concept applied for modeled authorizations based on Core Data Services (CDS) views?

  • A. CDS roles are mapped to the CDS view in the access rules.
  • B. CDS roles are defined for the CDS views and implicitly applied to each user.
  • C. CDS roles are defined in the WHERE clause when calling a CDS view in Open SQL.
  • D. CDS roles are defined for CDS views in Object Navigator.

Answer: A

Explanation:
Explanation
The role concept for modeled authorizations based on Core Data Services (CDS) views works in this way:
CDS roles are mapped to the CDS view in the access rules that define which users can access which data from the CDS view. The access rules are defined using annotations in the CDS view definition or using a separate access control DDL source file. References:
https://help.sap.com/viewer/cc0c305d2fab47bd808adcad3ca7ee9d/7.5.9/en-US/fafcbcf9d9101014b3d9a08ce33d
https://help.sap.com/viewer/cc0c305d2fab47bd808adcad3ca7ee9d/7.5.9/en-US/fafcbcf9d9101014b3d9a08ce33d


NEW QUESTION # 55
You are setting up your SAP NetWeaver AS in a SSL client scenario. What are the reasons to choose an "anonymous SSL Client PSE" setup?
Note: There are 2 correct answers to this question.

  • A. To have an individual identity when accessing a specific application
  • B. To support server-side authentication and data encryption
  • C. To support mutual authentication
  • D. To use as a container for the list of CAs that the server trusts

Answer: B,D


NEW QUESTION # 56
What are main characteristics of the Logon ticket throughout an SSO logon procedure? Note: There are 2 correct answers to this question.

  • A. The Logon ticket is used for user-to-system communication
  • B. The Logon ticket is domain restricted
  • C. The Logon ticket has an unconfigurable lifetime validity
  • D. The Logon ticket session is held in the working memory

Answer: A,B


NEW QUESTION # 57
......


SAP P-SECAUTH-21 exam covers a range of topics, including security architecture and design, access control, data protection, network security, and secure communication. It also evaluates the candidate's ability to assess and mitigate security risks, implement security solutions, and monitor the security posture of SAP systems. P-SECAUTH-21 exam is based on SAP's latest security standards, guidelines, and technologies, ensuring that certified professionals are up to date with the latest security trends.

 

100% Free P-SECAUTH-21 Daily Practice Exam With 80 Questions: https://certkingdom.preppdf.com/SAP/P-SECAUTH-21-prepaway-exam-dumps.html

Related Articles

more
SAP P-SECAUTH-21 Certification Practice Exam