最新のSAP P_SECAUTH_21のPDFと問題集で(2023)無料試験問題解答 [Q26-Q50]

Share

最新のSAP P_SECAUTH_21のPDFと問題集で(2023)無料試験問題解答

あなたを合格させるSAP Certified Technology Professional P_SECAUTH_21試験問題集で2023年11月10日には80問あります

質問 # 26
Under which group can you find the 'System Recommendations' tile in the Solution Manager launchpad?

  • A. Root Cause Analysis
  • B. Technical Administration
  • C. IT Service Management
  • D. Change Management

正解:B

解説:
Explanation
This is the group under which you can find the 'System Recommendations' tile in the Solution Manager launchpad. The Solution Manager launchpad is a web-based tool that provides access to various applications and functions of SAP Solution Manager, which is a platform for managing SAP solutions and landscapes. The
'System Recommendations' tile is an application that displays recommendations for applying support packages, patches, or notes to your SAP systems based on their current status and configuration. References:
https://help.sap.com/viewer/product/SAP_SOLUTION_MANAGER/en-US


質問 # 27
How can you describe static and dynamic assignments? Note: There are 2 correct answers to this question.

  • A. Static assignments are set up via the Cloud Cockpit.
  • B. Dynamic assignments are based on scope values.
  • C. Static assignments occur at runtime.
  • D. Dynamic assignments are based on attribute values

正解:A、B

解説:
Explanation
Static assignments are the assignments of roles and role collections to users or groups that are done manually via the Cloud Cockpit. Dynamic assignments are the assignments of roles and role collections to users or groups that are done automatically based on scope values. Scope values are attributes that are derived from the user's identity provider or from the application context. References:
https://help.sap.com/viewer/65de2977205c403bbc107264b8eccf4b/Cloud/en-US/9e1bf57130ef466e8017eab298
https://help.sap.com/viewer/65de2977205c403bbc107264b8eccf4b/Cloud/en-US/9e1bf57130ef466e8017eab298


質問 # 28
What is the SAP Best Practice to delete a security SAP role in SAP landscape?

  • A. Delete the SAP role in all clients in all systems using Profile Generator
  • B. Transport the SAP role and delete the role using Profile Generator
  • C. Delete the SAP role in all clients using Profile Generator
  • D. Delete the SAP role using Profile Generator, and then put it in the transport

正解:B


質問 # 29
Which OData authorizations are required for a user to see business data in the SAP Fiori Launchpad? Note: There are 2 correct answers to this question.

  • A. Access authorization in the SAP Fiori front-end system
  • B. Start authorization in the SAP S/4HANA back-end system
  • C. Access authorization in the SAP S/4HANA back-end system
  • D. Start authorization in the SAP Fiori front-end system

正解:C、D


質問 # 30
You want to check the custom ABAP codes in your system for security vulnerabilities and you want to use the SAP Code Vulnerability Analyzer to carry out these extended security checks. What need to be done for this purpose? Note: There are 2 correct answers to this question

  • A. Run the extended syntax check from the SLIN transaction
  • B. Run SAP Code Vulnerability Analyzer from the ABAP Test Cockpit
  • C. Run the transaction ST12 to start the analysis
  • D. Run SAP Code Vulnerability Analyzer from the transaction ST01

正解:A、B


質問 # 31
How is the role concept applied for modeled authorizations based on Core Data Services (CDS) views?

  • A. CDS roles are defined for CDS views in Object Navigator.
  • B. CDS roles are defined in the WHERE clause when calling a CDS view in Open SQL.
  • C. CDS roles are defined for the CDS views and implicitly applied to each user.
  • D. CDS roles are mapped to the CDS view in the access rules.

正解:D

解説:
Explanation
The role concept for modeled authorizations based on Core Data Services (CDS) views works in this way:
CDS roles are mapped to the CDS view in the access rules that define which users can access which data from the CDS view. The access rules are defined using annotations in the CDS view definition or using a separate access control DDL source file. References:
https://help.sap.com/viewer/cc0c305d2fab47bd808adcad3ca7ee9d/7.5.9/en-US/fafcbcf9d9101014b3d9a08ce33d
https://help.sap.com/viewer/cc0c305d2fab47bd808adcad3ca7ee9d/7.5.9/en-US/fafcbcf9d9101014b3d9a08ce33d


質問 # 32
Which basis transaction provides an optimized user interface for evaluating authorization checks only?

  • A. RSECADMIN
  • B. ABAP_TRACE
  • C. STAUTHTRACE
  • D. ST01

正解:C


質問 # 33
Which features do SAP HANA SQL-based analytic privileges offer compared to classic XML-based ones? Note: there are 2 correct answers to this question.

  • A. Complex filtering
  • B. Control of read-only SAP HANA procedures
  • C. Transportable
  • D. Control of read-only access to SQL views

正解:B、C


質問 # 34
A security consultant has activated a trace via ST01 and is analyzing the authorization error with Return Code 12. What does the Return Code 12 signify?

  • A. "Too many parameters for authorization checks"
  • B. "Objects not contained in User Buffer"
  • C. "No authorizations and does NOT have authorization object in their buffer"
  • D. "No authorizations but does have authorization object in their buffer"

正解:D


質問 # 35
You are evaluating the "Cross-client object change" option using transact on SCC4 for your Unit Test Client in the development environment. Which setting do you recommend?

  • A. Changes to repository and cross-client customizing allowed
  • B. No changes to repository objects
  • C. No changes to cross-client customizing objects
  • D. No changes to repository and cross-client customizing objects

正解:D


質問 # 36
The security administrator is troubleshooting authorization errors using transaction SU53.
While running transaction MM50, the user received the following error: "You are not authorized to use transaction MM01 ." The users position in the organization makes it inappropriate for them to have direct access to transaction MM01 because it creates a Segregation of Duties conflict. What would cause the system to run an authority check using object S_TCODE for transaction MM01 while running transaction MM50?

  • A. The instance parameter auth/no_check_in_some_cases has been set to Y.
  • B. MM01 was maintained as the CALLING transaction in table TCDCOUPLES with field OKFLAG value X.
  • C. The proposal value for the object S_TCODE in the SU24 data for transaction MM50 was incorrectly set to YES.
  • D. The developer who wrote the program for transaction MM50 issues the ABAP command CALL TRANSACTION for transaction MM01 .

正解:D

解説:
Explanation
This would cause the system to run an authority check using object S_TCODE for transaction MM01 while running transaction MM50. The CALL TRANSACTION command is used to start another transaction from within a program. If the user does not have the authorization to execute the called transaction, an error message is displayed and the authority check fails. References:
https://help.sap.com/doc/abapdocu_751_index_htm/7.51/en-US/abenlogon_check_guidl.htm


質問 # 37
How would you control access to ABAP RFC function modules? Note: There are 2 correct answers to this question.

  • A. Implement UCON functionality
  • B. Restrict RFC authorizations
  • C. Deactivate switchable authorization checks
  • D. Block RFC Callback Whitelists

正解:A、B

解説:
Explanation
These are some of the functions that can be used to control access to ABAP RFC function modules in an SAP system. RFC (Remote Function Call) is a protocol that enables communication and data exchange between SAP systems and components using function modules. ABAP RFC function modules are function modules that are written in ABAP language and can be called remotely by other systems or components. UCON (Unified Connectivity) is a feature that allows you to monitor and restrict RFC calls based on various criteria, such as source system, target system, user, or function module. RFC authorizations are authorizations that control access to RFC function modules based on authorization objects, such as S_RFC or S_RFCACL.
References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/48/9e2e3f6f8e41e8a283aaf2ad2c64c4/content.htm?n


質問 # 38
You verified the password of the TMSADM user in your SAP landscape to be SAP defaulted.
You want to reset this password by using the program
TMS_UPDATE_PWD_OF_TMSADM.What steps would you take to reset this password? Note:
There are 2 correct answers to this question.

  • A. Run the program in the Domain Controller (client 000)
  • B. Execute command TP LOCKSYS <SID> pf=<DOMAIN_CONTROLLER_PROFILE>
  • C. Deactivate the SNC option
  • D. Run the program in all systems/clients including 000

正解:A、B

解説:
Explanation
These are some of the steps that you would take to reset the password of the TMSADM user in your SAP landscape by using the program TMS_UPDATE_PWD_OF_TMSADM. The TMSADM user is a special user that is used for Transport Management System (TMS) communication and administration. You would run the program in the Domain Controller (client 000), which is the system that controls the transport domain and configuration. You would also execute the command TP LOCKSYS <SID> pf=<DOMAIN_CONTROLLER_PROFILE>, which locks all systems in the transport domain except the Domain Controller, to prevent any inconsistencies or errors during the password reset process. References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/48/9e2e3f6f8e41e8a283aaf2ad2c64c4/content.htm?n


質問 # 39
Which of the following user types can be used to log on interactively? Note: There are 2 correct answers to this question

  • A. Communication
  • B. System
  • C. Service
  • D. Dialog

正解:C、D


質問 # 40
What are the features of the Audit Information System (AIS)? Note: There are 2 correct answers to this question.

  • A. The roles are built from nodes in the Implementation Guide (IMG)
  • B. The report selection variables are configured during setup
  • C. It can be launched directly using transact on SECR
  • D. It offers two types of audit reports: system and business

正解:B、D


質問 # 41
In your system, you have a program which calls transaction A. Users with access to this program can still execute transaction A without explicit authorizations given to this transaction. How do you prevent the access of users to the transaction A from within the program?

  • A. Make sure you do NOT assign transact on A to the authorization object S_TCODE in the role that you assign to the unauthorized users.
  • B. Ensure that transact on A is NOT assigned into the same program authorization group
  • C. Maintain the check indicator in table TCDCOUPLES
  • D. Maintain SE93 with authorization objects for transact on A.

正解:D


質問 # 42
Which features does SAProuter provide? Note: There are 2 correct answers to this question.

  • A. HTTP conversion into HTTPS connections
  • B. Load-balanced RFC connections
  • C. Password-protected connections
  • D. Filtered and logged network connections

正解:C、D

解説:
Explanation
SAProuter is a software application that acts as an intermediate station between SAP systems and external networks. It provides features such as filtered and logged network connections based on access control lists, password-protected connections using Secure Network Communication (SNC), and encrypted connections using Secure Socket Layer (SSL). References:
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_


質問 # 43
The security administrator is troubleshooting authorization errors using transaction SU53.
While running transaction MM50, the user received the following error: "You are not authorized to use transaction MM01 ." The user's position in the organization makes it inappropriate for them to have direct access to transaction MM01 because it creates a Segregation of Duties conflict. How can the security administrator resolve the issue and still provide the user with the needed access to MM50?

  • A. Set the check indicator value for object S_TCODE in the SU24 data for transaction MM01 to Do Not Check.
  • B. Set the value for instance parameter auth/no_check_in_some_cases to N.
  • C. Set the check indicator (for the transaction authorization called by the MM01 transaction) to NO, using transaction SE97 for transaction MM50.
  • D. Remove transaction MM01 as a CALLING transaction from table TCDCOUPLES.

正解:C

解説:
Explanation
This is one of the ways that the security administrator can resolve the issue and still provide the user with the needed access to MM50. Transaction SE97 is a tool that allows you to maintain check indicators for called transactions, which determine whether an authority check for object S_TCODE is performed when a transaction calls another transaction. By setting the check indicator to NO for MM01 when it is called by MM50, the user can run MM50 without being authorized for MM01. References:
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_


質問 # 44
What does the SAP Security Optimization Service provide? Note: There are 2 correct answers to this question.

  • A. Configuration checks of SAP systems
  • B. Analysis of the security vulnerabilities within an SAP landscape
  • C. Results containing the list of patches that have to be applied
  • D. Analysis of the network configuration

正解:A、D

解説:
Explanation
These are some of the things that the SAP Security Optimization Service provides. SAP Security Optimization Service is a service that enables you to assess and improve the security level of your SAP systems and landscapes based on best practices and recommendations from SAP experts. The service provides configuration checks of SAP systems, which analyze various parameters and settings related to security aspects, such as passwords, authorizations, encryption, or logging. The service also provides analysis of the network configuration, which evaluates the network topology and communication channels between SAP systems and components. References: https://support.sap.com/en/security/security-optim


質問 # 45
What are characteristics of SAP HANA Deployment Infrastructure (HDI) roles? Note: There are 2 correct answers to this question.

  • A. They are owned by the user who creates them.
  • B. They are managed by the native HDI version control.
  • C. They are granted using database procedures.
  • D. They are transportable between systems.

正解:B、C

解説:
Explanation
These are some of the characteristics of SAP HANA Deployment Infrastructure (HDI) roles. HDI roles are roles that are defined and deployed as part of HDI containers, which are isolated units of database objects and data in SAP HANA systems. HDI roles are managed by the native HDI version control, which tracks changes and dependencies among HDI objects and artifacts. HDI roles are granted using database procedures, such as GRANT_CONTAINER_GROUP_ROLE or GRANT_CONTAINER_SCHEMA_ROLE, which enable dynamic role assignments based on container groups or schemas. References:
https://help.sap.com/viewer/6b94445c94ae495c83a19646e7c3fd56/2.0.05/en-US/fafcbcf9d9101014b3d9a08ce33


質問 # 46
You are running a 3-tier SAP system landscape. Each time you are accessing STMS_IMPORT on any of these systems, you are prompted for a TMSADM password. How can you stop this prompt from appearing?

  • A. Reset the TMSADM user's password on the system you are trying to access STMS_ IMPORT.
  • B. Run the report RSUSR405 on the domain controller.
  • C. Change the TMSA DM user's password directly in the TMS RFC destination in transact on SM59.
  • D. Run the report TMS_ UPDATE_PWD_OF_TMSADM on the domain controller.

正解:D


質問 # 47
Which Object ID is used to integrate Business Rule Framework (BRF+) to Multi Step Multi Process (MSMP) initiator workflow?

  • A. Application ID
  • B. Process ID
  • C. Expression ID
  • D. Function ID

正解:D


質問 # 48
How do you check when and by whom profiles were assigned or deleted?

  • A. Run report RSUSR008_009_NEW with appropriate filters
  • B. Run report RSUSR100 with appropriate filters
  • C. Check security audit log using transact on SM20
  • D. Check system trace using transaction ST01

正解:B


質問 # 49
What are characteristics of SAP HANA Deployment Infrastructure (HDI) roles? Note: there are 2 correct answers to this question.

  • A. They are transportable between systems
  • B. They are managed by the native HDI version control.
  • C. They are granted using database procedures
  • D. They are owned by the user who creates them

正解:B、C


質問 # 50
......


SAP P_SECAUTH_21認定試験は、システムセキュリティアーキテクチャの分野で個人のスキルと知識をテストするように設計されています。この認定は、安全なSAPシステムの設計と実装を担当するテクノロジーの専門家を対象としています。この試験は高レベルの認定と見なされており、候補者はSAPのセキュリティと承認の経験を持つことをお勧めします。

 

P_SECAUTH_21問題集はSAP Certified Technology Professional認証済み試験問題と解答:https://jp.fast2test.com/P_SECAUTH_21-premium-file.html

P_SECAUTH_21無料試験学習ガイド!(更新された80問あります):https://drive.google.com/open?id=1GxiZPsHVre3d6doXzA-s1nzED3XxLMqq


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어