SAP P_SECAUTH_21 SAP Certified Technology Professional - System Security Architect Exam Practice Test

Answer : A, B

Source and Service Provider are two types of systems that can be found in the Identity Provisioning Service landscape. A source system is a system that provides user data to be provisioned to other systems, such as an identity provider or an LDAP server. A service provider system is a system that receives user data from a source system, such as an SAP Cloud Platform subaccount or an SAP SuccessFactors instance. Reference: https://help.sap.com/viewer/product/SAP_CLOUD_PLATFORM_IDENTITY_PROVISIONING_SERVICE/en-US?task=discover_task&page=/~task%2FDiscover%2520the%2520Identity%2520Provisioning%2520Service%2520Landscape~reference%2FSource%2520Systems~reference%2FService%2520Provider%2520Systems~reference%2FIdentity%2520Provisioning%2520Service~reference%2FIdentity%2520Provisioning%2520Service~reference%2FIdentity%2520Provisioning%2520Service~reference%2FIdentity%2520Provisioning%2520Service~reference%2FIdentity%2520Provisioning%2520Service~reference%2FIdentity%2520Provisioning%2520Service~reference%2FIdentity%2520Provisioning%2520Service~reference%2FIdentity%2520Provisioning%2520Service~reference%2FIdentity%2520Provisioning%2520Service~reference&show=task-view&mode=task-view&urlhash=ZGZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZg== https://help.sap.com/viewer/product/SAP_CLOUD_PLATFORM_IDENTITY_PROVISIONING_SERVICE/en-US?task=discover_task&page=/~task%2FDiscover%2520the%2520Identity%2520Provisioning%2520Service%2520Landscape~reference%2FSource%2520Systems~reference%2FService%2520Provider%2520Systems~reference&show=task-view&mode=task-view&urlhash=ZGZmZmZmZmZmZmZmZg==

Answer : C, D

These are some of the users that should exist in client 000 of an SAP system. Client 000 is a special client that contains configuration data and tools for system administration and maintenance. TMSADM is a user that is used for Transport Management System (TMS) communication and administration. SAP* is a user that can be used to log on to any client with a predefined password if no other users exist or if all users are locked. Reference: https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true

Answer : B, C, D

These are some of the tasks that you would perform to secure the special user ''SAP*'' in AS ABAP. The user ''SAP*'' is a default user that can be used to log on to any client with a predefined password if no other users exist or if all users are locked. To prevent unauthorized access using this user, you should remove all authorizations from it, lock and expire it in all clients, and set the profile parameter login/no_automatic_user_sapstar to 1, which disables the automatic logon feature for this user. Reference: https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true

Answer : B, C, E

You can maintain these aspects in transaction SU24 to reduce the overall maintenance in PFCG. By doing so, you can define which authorization objects are checked by default for each transaction code, what values are proposed for each authorization field, and which authorization objects are excluded from the proposal. This way, you can avoid manual adjustments in PFCG and ensure consistency across roles. Reference: https://help.sap.com/viewer/df185fd53bb645b1bd99284ee4e4a750/7.5.21/en-US/4a0c1f51bb571014e10000000a42189c.html https://help.sap.com/viewer/df185fd53bb645b1bd99284ee4e4a750/7.5.21/en-US/4a0c1f51bb571014e10000000a42189c.html

Answer : B, C

These are the communication methods that the SAP Fiori Launchpad uses to retrieve business data from various data sources and services. InA (Information Access) is a protocol that enables analytical queries and data visualization using SAP Analytics Cloud or SAP Lumira. OData (Open Data Protocol) is a protocol that enables CRUD (Create, Read, Update, Delete) operations on data using RESTful web services. Reference: https://help.sap.com/viewer/product/SAP_FIORI_LAUNCHPAD/en-US

Answer : A

Authorization object S_RFCACL is required to support trusted system access by an RFC user following the configuration of a Managed System in SAP Solution Manager. This authorization object allows you to restrict access to RFC calls from trusted systems based on the RFC user name and the name of the calling system. Reference: https://help.sap.com/viewer/bf82e6b26456494cbdd197057c09979f/7.2.10/en-US/4a0c1f51bb571014e10000000a42189c.html https://help.sap.com/viewer/bf82e6b26456494cbdd197057c09979f/7.2.10/en-US/4a0c1f51bb571014e10000000a42189c.html

Answer : B, D

These are some of the tasks that you would perform to resolve the issue of a ''SERVER_NOT_REGISTERED'' error message when trying to connect to an external RFC destination with a registered external RFC server program. The REGINFO file is a file that contains rules for allowing or denying registration requests from external RFC server programs to the gateway of an SAP system. The access list in transaction SMMS is a list that contains rules for allowing or denying connection requests from external RFC clients to an SAP system. Reference: https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true