SAP C_SEC_2405 Exam Practice Test Instant Access

Question 1

You are building a PFCG role for access to an SAP Fiori app on your SAP S/4HANA on-premise system. After you enter the catalog in the role menu, an entry for an OData service is missing and you have to add it manually to the role menu.

When you maintain authorization data in the PFCG role, why does SAP recommend that you NOT maintain the SRV_NAME field value of the S_SERVICE authorization object manually?

ABecause the SRV_NAME hash value for the front-end server component and back-end server component are the same.

BBecause the TADIR Service name for the back-end server component was automatically added to the role menu.

CBecause the SRV_NAME hash value for the front-end server component and back-end server component are different.

DBecause the TADIR Service name is the same for the front-end server component and the back-end server component.

Answer : B

Question 2

When segregating the duties for user and role maintenance, which of the following should be part of a decentralized treble control strategy for a production system?

Note: There are 3 correct answers to this question.

AOne user administrator per application area in the production system

BOne user administrator per production system

COne authorization profile administrator

DOne authorization data administrator

EOne decentralized role administrator

Answer : B, D, E

Question 3

For which of the following can transformation variables be used?

ATo save data to the output JSON file

BTo save data temporarily

CTo save data permanently

Answer : B

Question 4

Which cybersecurity type does NOT focus on protecting connected devices?

AApplication security

BCloud security

CNetwork security

DloT security

Answer : A

Question 5

What can be assigned directly to a user when using the SAP Launchpad service in SAP BTP?

ASpaces

BLaunchpad roles

CCatalogs

DRole collections

Answer : D

Question 6

What does a status text value of "Old" mean during the maintenance of authorizations for an existing role?

AField values have not been changed.

BThe field delivered with content was changed but the old value was retained.

CField values were changed as a result of the merge process.

DField values were unchanged and no new authorization was added.

Answer : D

Question 7

Which SU01 user types are NOT enabled for interaction? Note: There are 2 correct answers to this question.

ASystem

BDialog

CCommunications Data

DService

Answer : A, C

SAP Certified Associate - Security Administrator C_SEC_2405 Exam Practice Test