リリースSAP P-SECAUTH-21更新された問題PDF [Q35-Q50]

Share

リリースSAP P-SECAUTH-21更新された問題PDF

P-SECAUTH-21問題集と練習テスト(80試験問題)


SAP P_SECAUTH_21認定試験は、システムセキュリティアーキテクチャの知識とスキルを実証したい専門家向けに設計されています。この認定は、SAPシステムを扱い、セキュリティアーキテクチャを専門としたい人​​に適しています。この試験では、セキュリティの概念、認証と承認方法、ネットワークセキュリティ、および変更管理におけるセキュリティなど、幅広いトピックをカバーしています。


SAP P_SECAUTH_21認定は、業界で非常に評価されており、新しいキャリアの機会への扉を開くことができます。この認定を保持している専門家は需要が高く、認定されていないカウンターパートよりも高い給与を命じることができます。さらに、SAP P_Secauth_21認定は、専門家が最新のセキュリティトレンドとテクノロジーを最新の状態に保ち、組織にとってより価値のあるものにすることができます。

 

質問 # 35
While performing an audit of changes to the system and client change options for your production SAP S/4HANA environment, you receive the following message in transaction SCC4. "No logs found for selected period" How can you correct the problem.

  • A. Maintain parameter log-mode with value normal SAP HANA
  • B. Maintain parameter rsau/enable with value 1
  • C. Maintain parameter rdisp/TRACE with value 3
  • D. Maintain parameter rec/client with value ALL

正解:D


質問 # 36
For which reasons would you choose an "anonymous SSL Client PSE" setup? Note: There are
2 correct answers to this question.

  • A. To use as a container for the CAs
  • B. To perform authentication
  • C. To use data encryption
  • D. To perform mutual authentication

正解:A、C

解説:
Explanation
These are some of the reasons why you would choose an "anonymous SSL Client PSE" setup in SAP systems.
An anonymous SSL Client PSE is a PSE that does not contain any client certificates or keys, but only contains certificates of trusted certificate authorities (CAs). It can be used to establish SSL connections with servers that do not require client authentication, but only use data encryption to protect the communication. It can also be used as a container for storing the CAs that are trusted by the client. References:
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_


質問 # 37
You have implemented CUA in your organization and you want to set the field distribution attribute as follows: Maintain a default value in the central system that is automatically distributed to the child systems when you create a user. After distribution, the data is maintained only locally and is no longer distributed if you change it in the central or child system. Which field distribution parameter do you maintain?

  • A. Global
  • B. Proposal
  • C. Local
  • D. Redistribution

正解:B


質問 # 38
For which purpose do you use instance Secure Storage File System (SSFS) in an SAP HANA system? Note: There are 2 correct answers to this question.

  • A. To protect the password of the root key backup
  • B. To store root keys for data volume encryption
  • C. To store the secure single sign-on configuration
  • D. To protect the X.509 public key infrastructure certificates

正解:B、C


質問 # 39
You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub). What transaction do you have to use to map a back-end system to one of those roles?

  • A. /IWFND/MAINT_SERVICE
  • B. SM59
  • C. PFCG
  • D. /UI2/GW_SYS_ALIAS

正解:C


質問 # 40
The security administrator is troubleshooting authorization errors using transaction SU53. While running transaction MM50, the user received the following error.
"You are not authorized to use transaction MM01"
The user's position in the organization makes it inappropriate for them to have direct access to transaction MM01 because it creates a Segregation of Duties conflict.
How can the security administrator resolve the issue and still provide the user with the needed access to MM50?

  • A. Set the value form instance parameter auth/no_check_in_some_cases to N.
  • B. Set the check indicator (for the transaction authorization called by the MM01 transaction) to NO, using transaction SE97 for transaction MM50.
  • C. Set the check indicator value for object S_TCODE in the SU24 data for transaction MM01 to Do Not Check.
  • D. Remove transaction MM01 as a CALLING transaction from table TCDCOUPLES.

正解:B


質問 # 41
Which data source needs to be integrated into SAP Identity Management via the Virtual Directory Server (VOS)?

  • A. SAP HCM
  • B. AS Java
  • C. AS ABAP
  • D. LDAP

正解:D


質問 # 42
What are characteristics of the SAP_INTERNAL_HANA_SUPPORT catalog role? Note: There are 2 correct answers to this question.

  • A. No role can be granted to it.
  • B. It has full access to all metadata.
  • C. System privileges can be granted to the role.
  • D. Object privileges can be granted to the role.

正解:A、B

解説:
Explanation
These are some of the characteristics of the SAP_INTERNAL_HANA_SUPPORT catalog role in SAP HANA systems. A catalog role is a role that is predefined by SAP HANA and stored in the _SYS_REPO schema of the system database. The SAP_INTERNAL_HANA_SUPPORT catalog role is a special role that is used for internal support purposes by SAP employees or authorized partners. No role can be granted to it, which means that it cannot be assigned to any user or role in the system. It has full access to all metadata, which means that it can read all information about tables, views, procedures, functions, or other objects in the system. References:
https://help.sap.com/viewer/6b94445c94ae495c83a19646e7c3fd56/2.0.05/en-US/fafcbcf9d9101014b3d9a08ce33


質問 # 43
The security administrator is troubleshooting authorization errors using transaction SU53.
While running transaction MM50, the user received the following error: "You are not authorized to use transaction MM01 ." The users position in the organization makes it inappropriate for them to have direct access to transaction MM01 because it creates a Segregation of Duties conflict. What would cause the system to run an authority check using object S_TCODE for transaction MM01 while running transaction MM50?

  • A. The proposal value for the object S_TCODE in the SU24 data for transaction MM50 was incorrectly set to YES.
  • B. MM01 was maintained as the CALLING transaction in table TCDCOUPLES with field OKFLAG value X.
  • C. The instance parameter auth/no_check_in_some_cases has been set to Y.
  • D. The developer who wrote the program for transaction MM50 issues the ABAP command CALL TRANSACTION for transaction MM01 .

正解:D

解説:
Explanation
This would cause the system to run an authority check using object S_TCODE for transaction MM01 while running transaction MM50. The CALL TRANSACTION command is used to start another transaction from within a program. If the user does not have the authorization to execute the called transaction, an error message is displayed and the authority check fails. References:
https://help.sap.com/doc/abapdocu_751_index_htm/7.51/en-US/abenlogon_check_guidl.htm


質問 # 44
What must be included in a PFCG role for an end user on the Fiori front-end server to run an app?

  • A. The S_START authorization object for starting the OData service
  • B. The S_RFC authorization object for the OData access
  • C. The group assignment to display it in the Fiori Launchpad
  • D. The catalog assignment for the start authorization

正解:D

解説:
Explanation
This must be included in a PFCG role for an end user on the Fiori front-end server to run an app. The catalog assignment for the start authorization defines which apps can be started by the user from the Fiori Launchpad.
The catalog assignment is done using the authorization object S_CTS_ADMI with field CTS_ADMI_RUN = SAP_CATALOG_ALL. References:
https://help.sap.com/viewer/a7b390faab1140c087b8926571e942b7/7.5.9/en-US/5c3d6d0f6c461014a1d99bc8a4f
https://help.sap.com/viewer/a7b390faab1140c087b8926571e942b7/7.5.9/en-US/5c3d6d0f6c461014a1d99bc8a4f


質問 # 45
How can you protect a table containing sensitive data using the authorization object S_TABU_DIS?

  • A. The DICBERCLS field of the authorization object must enumerate all table names of the tables containing sensitive data.
  • B. Authorization table groups containing tables with sensitive data must be defined in the TDDAT table and these must be omitted for anyone who does not need access to these tables.
  • C. The tables containing sensitive data must be associated with table groups in the TBRG table.
  • D. The tables containing sensitive data must be named using the authorization object S_TABU_NAM for all responsible administrators. The DICBERCLS fields of the S_TABU_DIS object can then be filled with *.

正解:D

解説:
Explanation
This is one of the ways that you can protect a table containing sensitive data using the authorization object S_TABU_DIS. S_TABU_DIS is an authorization object that controls access to tables based on authorization groups, which are groups of tables that share the same access restrictions. The DICBERCLS field of this authorization object contains the name of the authorization group for a table or a range of tables. To protect a table containing sensitive data using this authorization object, you must assign it to an authorization group and enumerate all table names of the tables containing sensitive data in the DICBERCLS field. References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?


質問 # 46
Which features do SAP HANA SQL-based analytic privileges offer compared to classic XMLbased ones?
Note: There are 2 correct answers to this question.

  • A. Transportable
  • B. Control of read-only access to SQL views
  • C. Complex filtering
  • D. Control of read-only SAP HANA procedures

正解:B、C

解説:
Explanation
These are some of the features that SAP HANA SQL-based analytic privileges offer compared to classic XML-based ones. Analytic privileges are privileges that restrict access to data in analytical views or calculation views based on certain conditions or filters. SAP HANA supports two types of analytic privileges:
SQL-based and XML-based. SQL-based analytic privileges are defined using SQL statements and stored as database objects. XML-based analytic privileges are defined using XML files and stored as repository objects.
SQL-based analytic privileges offer more features and flexibility than XML-based ones, such as control of read-only access to SQL views, which prevents users from modifying data in the views, and complex filtering, which allows users to define multiple filters with different operators and expressions. References:
https://help.sap.com/viewer/6b94445c94ae495c83a19646e7c3fd56/2.0.05/en-US/fafcbcf9d9101014b3d9a08ce33


質問 # 47
Why should you create multiple dispatchers in SAP Identity Management? Note: There are 2 correct answers to this question.

  • A. To support fail-over scenarios
  • B. To handle password provisioning
  • C. To handle special network access requirements
  • D. To accommodate scalability

正解:C、D


質問 # 48
How are user group administrators and user groups related in SAP HANA? Note: There are 2 correct answers to this question.

  • A. Multiple user group administrators per user group
  • B. Only one user group per user group administrator
  • C. Only one user group administrator per user group
  • D. Multiple user groups per user group administrator

正解:C、D

解説:
Explanation
User group administrators and user groups are related in SAP HANA in this way: a user group administrator can manage multiple user groups, but a user group can have only one user group administrator. A user group administrator can create, modify, and delete user groups, as well as assign users to them. References:
https://help.sap.com/viewer/6b94445c94ae495c83a19646e7c3fd56/2.0.05/en-US/20d5f6af75191014b47cf39247
https://help.sap.com/viewer/6b94445c94ae495c83a19646e7c3fd56/2.0.05/en-US/20d5f6af75191014b47cf39247


質問 # 49
You are evaluating the "Cross-client object change" option using transaction SCC4 for your Unit Test Client in the development environment. Which setting do you recommend?

  • A. No changes to repository and cross-client customizing objects
  • B. Changes to repository and cross-client customizing allowed
  • C. No changes to cross-client customizing objects
  • D. No changes to repository objects

正解:B

解説:
Explanation
This is the recommended setting for the "Cross-client object change" option using transaction SCC4 for your Unit Test Client in the development environment. This setting allows you to make changes to repository objects (such as programs, function modules, classes, etc.) and cross-client customizing objects (such as number ranges, message classes, etc.) in your Unit Test Client without affecting other clients in the same system. References:
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_


質問 # 50
......

P-SECAUTH-21試験問題集合格させるのは更新されたのは2023年年最新の認証済み試験問題:https://jp.fast2test.com/P-SECAUTH-21-premium-file.html

ガイド(2023年最新)実際のSAP P-SECAUTH-21試験問題:https://drive.google.com/open?id=1hom-W08IQ55Aff9-sLNSVZPtYQotrF1m


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어