2024年最新の有効なP_SECAUTH_21リアル試験問題(更新された)100%問題集と練習試験合格させます [Q43-Q60]

Share

2024年最新の有効なP_SECAUTH_21リアル試験問題(更新された)100%問題集と練習試験合格させます

[更新されたのは2024年]SAP P_SECAUTH_21問題準備には無料サンプルのPDF


SAP P_SECAUTH_21 認定は、業界で高く評価され、キャリアアップの機会につながるものです。認定された専門家は、システムセキュリティアーキテクト、セキュリティコンサルタント、またはセキュリティアナリストとして働くことができます。この認定は、候補者が SAP システムのセキュリティを確保する専門知識を持っていることを証明し、雇用主が自社システムが有能な手で管理されていることを保証します。

 

質問 # 43
To prevent session fixation and session hijacking attacks, SAP's HTTP security session management is highly recommended. What are the characteristics of HTTP security session management? Note: There are 2 correct answers to this question.

  • A. It uses URLs containing sap-context d to identify the security session
  • B. The session identifier is a reference to the session context transmitted through a cookie.
  • C. The system is checking the logon credentials again for every request
  • D. The security sessions are created during logon and deleted during logoff.

正解:B、D


質問 # 44
Which features does SAProuter provide? Note: There are 2 correct answers to this question.

  • A. HTTP conversion into HTTPS connections
  • B. Password-protected connections
  • C. Load-balanced RFC connections
  • D. Filtered and logged network connections

正解:B、D

解説:
Explanation
SAProuter is a software application that acts as an intermediate station between SAP systems and external networks. It provides features such as filtered and logged network connections based on access control lists, password-protected connections using Secure Network Communication (SNC), and encrypted connections using Secure Socket Layer (SSL). References:
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_


質問 # 45
What connection type is used for restricted users?

  • A. HTTP/S
  • B. JDBC
  • C. OLEDB
  • D. ODBC

正解:A


質問 # 46
You have Reason Codes already defined. Which is the correct sequence of steps to configure a Firefighter ID in Emergency Access Management?

  • A. Maintain a Firefighter ID for Controllers and Firefighters
    Maintain an Owner for a Firefighter ID
    Maintain Access Control Owner
  • B. Maintain an Owner for a Firefighter ID
    Maintain a Firefighter ID for Controllers and Firefighters
    Maintain Access Control Owner
  • C. Maintain an Owner for a Firefighter ID
    Maintain a Firefighter ID for Controllers and Firefighters
    Maintain Access Control Owner
  • D. Maintain an Owner for a Firefighter ID
    Maintain a Firefighter ID for Controllers and Firefighters
    Maintain Access Control Owner

正解:C


質問 # 47
Which authorization object is required to support trusted system access by an RFC user following the configuration of a Managed System in SAP Solution Manager?

  • A. S_RFC_TT
  • B. S_RFCACL
  • C. S_ACL_HIST
  • D. S_RFC_TTAC

正解:B

解説:
Explanation
Authorization object S_RFCACL is required to support trusted system access by an RFC user following the configuration of a Managed System in SAP Solution Manager. This authorization object allows you to restrict access to RFC calls from trusted systems based on the RFC user name and the name of the calling system.
References:
https://help.sap.com/viewer/bf82e6b26456494cbdd197057c09979f/7.2.10/en-US/4a0c1f51bb571014e10000000a
https://help.sap.com/viewer/bf82e6b26456494cbdd197057c09979f/7.2.10/en-US/4a0c1f51bb571014e10000000a


質問 # 48
Which platform services are available in the Cloud Foundry? Note: There are 2 correct answers to this question

  • A. Analytics
  • B. Data Quality
  • C. Integration
  • D. Commerce

正解:A、C


質問 # 49
To which services packages does SAP Security Optimization Services (SOS) belong?

  • A. Application Integration Optimization
  • B. System Administration Optimization
  • C. Performance Optimization
  • D. EarlyWatch Reporting

正解:B


質問 # 50
What are the characteristics of HTTP security session management? Note: There are 3 correct answers to this question.

  • A. Refers to the session context through the session identifier
  • B. Checks the logon credentials again for every request.
  • C. Creates security sessions at logon
  • D. Starts security sessions with a short user-based expiration time
  • E. Deletes security sessions at logoff

正解:A、C、D

解説:
Explanation
These are some of the characteristics of HTTP security session management in SAP systems. HTTP security session management creates security sessions at logon that store information about the user's identity and authorizations in a session context on the server side. The security sessions start with a short user-based expiration time that can be extended by user activity or terminated by logoff or timeout. The security sessions refer to the session context through a session identifier that is passed between the client and the server using cookies or URL parameters. References:
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_
https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_


質問 # 51
Your customer runs a 3-tier environment You are asked to set up controls around monitoring the sensitive objects (such as programs, user-exits, function modules) in a development system before they are transported to the quality assurance system.
Which table would you maintain to monitor such sensitive objects before executing an import?

  • A. TMSMCONF
  • B. TMSBUFFER
  • C. TMSCDES
  • D. TMSTCRI

正解:D


質問 # 52
For which purpose do you use instance Secure Storage File System (SSFS) in an SAP HANA system? Note: There are 2 correct answers to this question.

  • A. To protect the X.509 public key infrastructure certificates
  • B. To protect the password of the root key backup
  • C. To store root keys for data volume encryption
  • D. To store the secure single sign-on configuration

正解:B、C


質問 # 53
What must be included in a PFCG role for an end user on the Fiori front-end server to run an app?

  • A. The group assignment to display it in the Fiori Launchpad
  • B. The S_RFC authorization object for the OData access
  • C. The catalog assignment for the start authorization
  • D. The S_START authorization object for starting the OData service

正解:C

解説:
Explanation
This must be included in a PFCG role for an end user on the Fiori front-end server to run an app. The catalog assignment for the start authorization defines which apps can be started by the user from the Fiori Launchpad.
The catalog assignment is done using the authorization object S_CTS_ADMI with field CTS_ADMI_RUN = SAP_CATALOG_ALL. References:
https://help.sap.com/viewer/a7b390faab1140c087b8926571e942b7/7.5.9/en-US/5c3d6d0f6c461014a1d99bc8a4f
https://help.sap.com/viewer/a7b390faab1140c087b8926571e942b7/7.5.9/en-US/5c3d6d0f6c461014a1d99bc8a4f


質問 # 54
Based on your company guidelines you have set the password expiration to 60 days.
Unfortunately, there is an RFC user on your SAP system who must not have a password change for 1 80 days. Which option would you recommend to accomplish such a request?

  • A. Create an enhancement spot or user exit
  • B. Change the profile parameter login/password_expiration_time to 1 80
  • C. Define the RFC user as a reference user
  • D. Create a security policy via SECPOL and assign it to the RFC users

正解:D

解説:
Explanation
This is one of the options that you would recommend to accomplish such a request of having an RFC user with a password expiration of 180 days instead of 60 days based on your company guidelines. SECPOL is a transaction that allows you to create and maintain security policies for password settings, such as minimum length, expiration time, or lockout threshold. You can assign different security policies to different users or user groups based on their roles or requirements. References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?


質問 # 55
In your system, you have a program which calls transaction A. Users with access to this program can still execute transaction A without explicit authorizations given to this transaction.
How do you prevent the access of users to the transaction A from within the program?

  • A. Ensure that transact on A is NOT assigned into the same program authorization group
  • B. Make sure you do NOT assign transact on A to the authorization object S_TCODE in the role that you assign to the unauthorized users.
  • C. Maintain the check indicator in table TCDCOUPLES
  • D. Maintain SE93 with authorization objects for transact on A.

正解:D


質問 # 56
You want to launch classic SAP GUI transactions directly from the SAP Fiori Launchpad. Which of the following scenarios do you choose?

  • A. Chrome, SAP Cloud Platform, SAP GUI for Java
  • B. Chrome, SAP Enterprise Portal, SAP GUI for Java
  • C. Internet Explorer, ABAP front-end server, SAP GUI for Windows
  • D. Internet Explorer, SAP Business Client, SAP GUI for Windows

正解:C


質問 # 57
Which authorization object is required to support trusted system access by an RFC user following the configuration of a Managed System in SAP Solution Manager?

  • A. S_RFC_TT
  • B. S_RFCACL
  • C. S_ACL_HIST
  • D. S_RFC_TTAC

正解:B


質問 # 58
A user is authorized to run SP01. What can this user access with authorization object S_ SPO_ ACT when the 'Value for Authorization Check' field is set to "__USER__"?

  • A. All unprotected spool requests for all users in the client
  • B. All spool requests for all users in the client
  • C. All spool requests for a specific user in the client
  • D. All spool requests for users in the same user group

正解:C

解説:
Explanation
This is one of the things that a user can access with authorization object S_SPO_ACT when the 'Value for Authorization Check' field is set to "USER" and they are authorized to run SP01 transaction. S_SPO_ACT is an authorization object that controls access to spool requests based on various criteria, such as spool request number, output device, or user name. SP01 is a transaction that allows you to display and manage spool requests, which are requests for printing or outputting data from SAP systems. If the 'Value for Authorization Check' field is set to "USER" in S_SPO_ACT authorization object, the user can access all spool requests for their own user name in the client where they are logged on. References:
https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?


質問 # 59
Which communication protocols are supported by the SAP Cloud Connector? Note: There are 2 correct answers to this question

  • A. LDAP
  • B. RFC
  • C. SNA
  • D. NNTP

正解:A、B


質問 # 60
......


SAP P-SECAUTH-21 認定試験の準備をするためには、個人はSAPのセキュリティ概念や技術についての確固たる理解を持つ必要があります。また、SAPシステムでの作業経験があり、SAPセキュリティアーキテクチャに精通している必要があります。オンラインコース、テキストブック、練習問題など、試験の準備を支援するための多数のトレーニングコースや学習資料があります。


SAP P_SECAUTH_21認定試験は、SAPシステムのセキュリティと完全性を確保する責任を負う専門家のスキルと知識を評価するように設計されています。この認定は、SAPシステムのセキュリティ戦略の設計、実装、および維持に関与している個人を対象としています。 SAP認定テクノロジープロフェッショナル - システムセキュリティアーキテクトとして、セキュリティリスクを特定して軽減し、セキュリティソリューションを実装および構成し、SAPシステムのセキュリティを監視および維持する能力を実証できます。

 

P_SECAUTH_21豪華セット学習ガイドにはオンライン試験エンジン:https://jp.fast2test.com/P_SECAUTH_21-premium-file.html

2024年最新の認定サンプル問題P_SECAUTH_21問題集と練習試験:https://drive.google.com/open?id=1GxiZPsHVre3d6doXzA-s1nzED3XxLMqq


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어