Professional Documents
Culture Documents
Which the following tables are used to assign authorization groups to tables and
views?
Note: There are 2 correct answers to this question.
A. V_DDART
B. V_DDAT_54
C. V_BRG
D. V_BRG_54
Answer: BD
QUESTION 2
Which of the following user types is used to set up Central User Administration
(CUA)?
A. Reference (L)
B. Dialog (A)
C. Service (S)
D. System (B)
Answer: D
QUESTION 3
Which components that a derived role inherits from a reference role can you change
in the derived role?
Note: There are 2 correct answers to this question.
A. Authorizations
B. Menus
C. Organizational levels
D. User assignments
Answer: AC
QUESTION 4
Which of the following status texts indicates that the proposed value for at least one
field in the subordinate levels of the hierarchy has been changed from the SAP
default value?
A. Standard
B. Manual
C. Maintained
D. Changed
Answer: D
QUESTION 5
Which of the following can you use to connect directory services to Central User
Administration (CUA) of an SAP system?
Answer: D
QUESTION 6
Which of the following are benefits of using Security Optimization Self Service?
Note: There are 2 correct answers to this question.
Answer: AD
QUESTION 7
You are to configure a compliant identity management process flow.
Which of the following components from SAP Access Control and SAP NetWeaver
Identity Management (SAP NetWeaver ID Management) are required?
Note: There are 2 correct answers to this question.
Answer: AD
QUESTION 8
To provide continuous access management (stay clean), which of the following can
you use to establish end-to-end compliance with SAP Access Control?
Note: There are 3 correct answers to this question.
A. Enterprise Role Management
B. Periodic access review and audit
C. Compliant User Provisioning
D. AIS reports
E. Superuser Privilege Management
Answer: ACE
QUESTION 9
You want to administer the following clients from a master client:
– 3 clients of a development system
– 2 clients of a test system
– 2 clients of a production system
How many Remote Function Call (RFC) connections are required in Central User
Administration (CUA)?
A. 15
B. 14
C. 8
D. 10
Answer: D
QUESTION 10
Which action is the last step in the setup of Central User Administration (CUA)?
Answer: B
QUESTION 11
Which SAP Access Control component must you use to ensure readiness of “get
compliance” (get clean)?
Answer: D
QUESTION 12
Which transaction do you use to set distribution parameters for Central User
Administration (CUA)?
A. SCUL
B. SCUA
C. SCUM
D. SCUG
Answer: C
QUESTION 13
You have to analyze risk and perform remediation to enable end-to-end compliance.
What is the correct sequence of steps?
Answer: C
QUESTION 14
Which of the following are reasons to customize role maintenance?
Note: There are 2 correct answers to this question.
Answer: AD
QUESTION 15
Which of the following activities are part of SAP roles design?
Note: There are 2 correct answers to this question.
Answer: AC
QUESTION 16
Which of the following are components of SAP NetWeaver Identity Management?
Note: There are 3 correct answers to this question.
Answer: ACE
QUESTION 17
What is the main function of the SAP Web Dispatcher?
Answer: B
QUESTION 18
You have to maintain authorizations for a new role in the Profile Generator
(transaction PFCG).
What does the yellow triangle indicate (see attached screenshot)?
Answer: C
QUESTION 19
Which of the following sequences of steps can you use to create a user-defined
role?
Note: There are 2 correct answers to this question.
Answer: CD
QUESTION 20
Why would you add project views of the Implementation Guide (IMG) to an existing
role?
Note: There are 2 correct answers to this question.
Answer: CD
QUESTION 21
From which role can you transfer data to a derived role?
Answer: B
QUESTION 22
Which transactions can you use to perform user reconciliation for a role?
Note: There are 2 correct answers to this question.
A. PFCG
B. SU53
C. SUIM
D. PFUD
Answer: AD
QUESTION 23
Which transaction can you use to perform role maintenance?
A. PFCG
B. PFUD
C. SUIM
D. SUPC
Answer: A
QUESTION 24
You run change document RSUSR100 (user and authorization log).
Which of the following are selection criteria for changed header data?
Note: There are 3 correct answers to this question.
A. Language
B. Administrator Lock Set
C. Cost Center
D. Accounting Number
E. User Group
Answer: BDE
QUESTION 25
Which of following can you modify in basic maintenance of the Profile Generator
(PFCG)?
Answer: B
QUESTION 26
What data is transferred from a reference role to a derived role?
Note: There are 2 correct answers to this question.
A. Reports
B. Profiles
C. User assignments
D. Transactions
Answer: AD
QUESTION 27
You want to add a Customizing object to a role.
Which options are available in the Profile Generator (see attached screenshot)?
Note: There are 2 correct answers to this question.
A. Enterprise IMG
B. IMG project view
C. SAP Reference IMG
D. IMG project
Answer: BD
QUESTION 28
You have made changes to tables USOBX_C and USOBT_C.
You want to transport these tables from the development environment to the testing
environment. Which transaction do you use to create this transport?
Answer: C
QUESTION 29
By which of the following criteria can administration tasks in decentralized user
administration be shared?
Note: There are 2 correct answers to this question.
A. Application area
B. User type
C. Department
D. License type
Answer: AC
QUESTION 30
After roles were transported from an SAP development system to a test system, a
technical
manager reported a problem with a user role assignment in the test system.
What do you have to configure to prevent the transport of user assignments?
Answer: D
QUESTION 31
Which of the following can you display with the user information system?
Note: There are 2 correct answers to this question.
Answer: AC
QUESTION 32
You are unable to determine the cause of an authorization failure using transaction
Authorization Error Analysis (SU53).
Which transaction allows you to analyze this failure further?
A. SU01
B. SU56
C. ST12
D. ST01
Answer: D
QUESTION 33
Which transaction is used by the Profile Generator during a system upgrade?
A. SU24
B. SU10
C. SU01
D. SU25
Answer: D
QUESTION 34
Which of the following steps are required to activate role maintenance after you
install an SAP system?
Note: There are 2 correct answers to this question.
Answer: CD
QUESTION 35
Which report from the user information system (transaction SUIM) can you use to
find out which user may execute transaction Change Customer (FD02)?
Note: There are 2 correct answers to this question.
Answer: AB
QUESTION 36
You want to post a goods receipt to two plants, 1000 and 1200, using transaction
Enter Other Goods Receipts (MB1C). When you post the goods receipt to plant
1200, you receive an authorization error message.
How do you analyze the error?
Note: There are 2 correct answers to this question.
QUESTION 37
How do you delete an existing role in all three SAP systems: development, test, and
production?
A. Configure Central User Administration (CUA) to delete the role across the three
systems.
B. Log on to the development system.
Delete the role across the three systems with transaction SU10.
C. Delete the role in the development system.
Create transports without this role.
Release the transport to test and production.
D. Enter the role into a transport.
Delete the role in the development system.
Release the transport to test and production.
Answer: D
QUESTION 38
Which of the following objects are used when you transport roles?
Note: There are 2 correct answers to this question.
A. User assignments
B. Personalization
C. Profiles
D. Templates
Answer: AB
QUESTION 39
In which table can you find a list of invalid passwords?
A. USR05
B. USR40
C. USR22
D. USR01
Answer: B
QUESTION 40
When you logon to the system with the SAP_AUDITOR_SA role, which of the
following reports can be found in the Top 10 Security Reports folder of the Audit
Information System (AIS)?
Note: There are 2 correct answers to this question.
A. Date Monitoring (S_PH0_48000450)
B. Analysis of Security Audit Log (SM20N)
C. IDoc List (RSEIDOC2)
D. Check Passwords of Standard Users (RSUSR003)
Answer: BD
QUESTION 41
What are audit categories of the Audit Information System (AIS)?
Answer: A
QUESTION 42
When a system auditor logs on to an SAP system, the user menu contains these
folders:
Information/Overview
Table Authorization
Table Recordings
Access Statistics
Change Documents
Which of the following roles is assigned to this system auditor?
Answer: D
QUESTION 43
To work with the Audit Information System (AIS), which of the following steps do you
have to execute?
Note: There are 2 correct answers to this question.
Answer: BD
QUESTION 44
Which action does the enqueue work process perform?
Answer: D
QUESTION 45
Which of the following actions allows you to schedule the execution of a report from
transaction SA38 at an off-peak time?
Answer: D
QUESTION 46
Which of the following environments are provided by SAP NetWeaver?
Note: There are 2 correct answers to this question.
Answer: AD
QUESTION 47
Which of the following are capabilities of Information Integration?
Note: There are 3 correct answers to this question.
Answer: ABE
QUESTION 48
Which of the single sign-on (SSO) methods for SAP NetWeaver AS-based systems
requires configuration of the Secure Login Server, Security Login Client, and the
authentication server?
Answer: B
QUESTION 49
Which of the following communication paths can be protected by Secure Network
Communication (SNC)?
Note: There are 2 correct answers to this question.
Answer: CD
QUESTION 50
You have to configure Secure Network Communication (SNC) to secure connections
between two SAP NetWeaver AS ABAP servers.
Which profile parameters can you set for the trust manager?
Note: There are 2 correct answers to this question.
A. sec/libsapsecu
B. snc/identity/as
C. snc/data_protection/use
D. snc/data_protection/max
Answer: AB
QUESTION 51
You are configuring an SAP NetWeaver AS ABAP system to allow authentication
with x.509 client certificates issued by SAP NetWeaver single sign-on (SSO). When
you test the connection with the standard SAP GUI, the system unexpectedly asks
you for a password.
How can you avoid the additional logon in the standard SAP GUI?
Answer: A
QUESTION 52
For which of the following tasks is a user administrator responsible?
Note: There are 3 correct answers to this question.
Answer: ABE
QUESTION 53
For which of the following is the Secure Socket Layer (SSL) in an SAP NetWeaver
AS environment used?
Note: There are 2 correct answers to this question.
Answer: BD
QUESTION 54
What is the main function of the SAP Web Dispatcher?
Answer: B
QUESTION 55
For which of the following does a secure logon using Kerberos support single sign-
on and encryption?
Note: There are 2 correct answers to this question.
Answer: AB
QUESTION 56
Which of the following authorization objects must you assign to a user in SAP
Solution Manager and in the SAP managed system to make sure that a trusted
Remote Function Call connection is established?
A. S_RFC
B. S_RFC_TT
C. S_RFC_SHLP
D. S_RFCACL
Answer: D
QUESTION 57
What check must you carry out to analyze system data with Security Optimization
Self Service?
A. The SAP Solution Manager system has the latest support plug-ins installed.
B. The system is connected to SAP Solution Manager.
C. SAP Solution Manager is connected to the Security Optimization Service.
D. The system landscape is registered with the Security Optimization Service.
Answer: B
QUESTION 58
Which of the following does the Security Optimization Service check?
Note: There are 2 correct answers to this question.
A. Standard users
B. SAP HR data
C. SAP system component validity
D. Settings from the SAP Security Guide
Answer: AD
QUESTION 59
Which of the following transactions allows Security Optimization Self Service to add
customized authorization checks?
A. ST13
B. ST11
C. ST14
D. ST01
Answer: A
QUESTION 60
Which of the following are benefits of using Security Optimization Self Service?
Note: There are 2 correct answers to this question.
Answer: AD
Lead2pass new released C_AUDSEC_731 PDF are now for free download,
download it right now and pass your exam 100%.
QUESTION 61
In an SAP NetWeaver AS ABAP system, which security notes have the highest priority?
Note: There are 2 correct answers to this question.
A. Notes shown by transaction ABAP Note Assistant (SNOTE)
B. Notes shown in Customer
C. Notes marked by the Early Watch Alert in red
D. Notes shown by RSECNOTE
Answer: CD
QUESTION 62
Which of the following must be available before you can perform Security Optimization Service
checks for SAP vulnerability risks?
A. SAP Solution Manager
B. SAP ERP Central Component
C. SAP NetWeaver Business Warehouse
D. SAP NetWeaver Portal
Answer: A
QUESTION 63
A security manager is asked to gather the average dialog response time over the last 30 minutes.
Which of the following transactions can list this information?
A. RZ03
B. RZ10
C. RZ01
D. RZ20
Answer: D
QUESTION 64
Which transaction can you use to create background jobs?
A. SU10
B. PFCG
C. SM36
D. SA38
Answer: C
Question 65
Which of the following authorization objects control the spool output printer?
There are 2 correct answers to this question.
a. S_SPO_PAGE
b. S_CTS_ADMI
c. S_SPO_DEV
d. S_SPO_ACT
ANSWER A, C
Question: 66
Which of the following tab pages are available when you create a composite role?
ANSWER: C
Question: 67
What user type do you need to create Remote Function Call (RFC) connections in Central User
Administration (CUA)?
A. System
B. Reference
C. Service
D. Dialog
ANSWER A
Question: 68
ANSWER B,C
Question: 69
When you use the edit function to insert authorizations manually to an existing profile, which
options are available?
A. Maintain authorization
B. Selection criteria
C. Full authorization
D. Copy authorization
ANSWER: B,C
Question: 70
ANSWER: B C
Question: 71
A. login/no_automatic_user_sapstar = 1
B. logon/no_automatic_user_sapstar = 0
C. login/no_automatic_user_sapstar = 0
D. logon/no_automatic_user_sapstar = 1
ANSWER: A
Question:72
ANSWER: A,D
Question:73
Which components that a derived role inherits from a reference role can you change in the derived
role?
A. Authorizations
B. Organizational levels
C. Menus
D. User assignments
ANSWERS: A, B
Question: 74
Question: 75
Which of the following are valid architectures of an SAP system based on SAP NetWeaver AS 7.10 or
higher?
A. Infrastructure for developing and using J2EE-based application with Java dispatcher process
(AS Java system)
B. Infrastructure in which ABAP-based applications can be developed and used (AS ABAP
system) with Software Deployment Manager (SDM) process
C. Infrastructure for developing and using J2EE-based application with Internet Communication
Manager (ICM) process (AS Java system)
D. Infrastructure in which ABAP-based applications can be developed and used (AS ABAP
system) with primary application server (PAS)
ANSWER C,D
QUESTION 76
A. EARTHQUAKES
B. ENVIRONMENT
C. HACKERS
D. PERSONS
E. TECHNOLOGY
ANSWER B,D,E
QUESTION 77
Which of these are not among the steps of the authorization concept?
ANSWER: B,E
QUESTION 78
ANSWER: A,B,C,D
QUESTION 79
Which of these is not an activity required for an upgrade of the Profile Generator?
ANSWER: D
QUESTION 80
A. ENTERPRISE STRUCTURE
B. JOB
C. ORGANIZATION UNIT
D. POSITION
E. TASK
ANSWER: B,C,D,E
QUESTION 81
A. ENTERPRISE STRUCTURE
B. JOB
C. ORGANIZATION UNIT
D. POSITION
E. TASK
ANSWER: D
QUESTION 82
The following tools are available for conducting thorough system security audits.
Answer: A
QUESTION 83
The following login parameters can be used to ensure your system is adequately secured. There are
3 correct answers
A. login/fails_to_user_lock
B. login/min_password_diff
C. login/min_password_specials
D. login/named_super_user
E. Logon/no_automatic_user_SAP* = >0
ANSWER: A,B,C
QUESTION 84
ANSWER: A,C,D,E
QUESTION 85
What are the 4 major filters available for the security audit log?
A. Audit class
B. Client
C. Dynamic filter
D. User
E. Weight of events to audit
ANSWER: A,B,D,E
QUESTION 86
What are the profile parameters that you need to specify in order to create and save filters
permanently in the database?
ANSWER: A,B,D,E
QUESTION 87
What are the profile parameters that you need to specify in order to change filters dynamically on
one or more application servers?
ANSWER: B,D,E
QUESTION 88
What are the four main sections of the audit analysis report?
A. Audit data
B. Contents
C. Header data
D. Introductory information
E. Statistical analysis
ANSWER: A,C,D,E
QUESTION 89
What are the 5 profiles parameters that enforce the minimum requirement that a password must
fulfil?
A. login/min_password_diff: how many characters in the new password must be different from
the old password
B. login/min_password_digits: min number of digits
C. login/min_password_letters: min number of letters
D. login/min_password_lng: min length
E. login/min_password_specials: min number of special characters
F. login/min_pasword_lng: min length
ANSWER: A,B,C,D,E
QUESTION 90
What are the 3 profiles parameters that enforce the validity period of a password?
ANSWER: B,C,D
QUESTION 91
What are the 3 profile parameters that enforce the multi logon for a user?
ANSWER: A,B,C
QUESTION 92
What are the 3 profile parameters that enforce the number of unsuccessful logon attempts?
ANSWER: B,C,D
QUESTION 93