Provide Valid P_SECAUTH_21 Dumps To Help You Prepare For Certified Technology Professional - System Security Architect Exam Aug 26, 2023 [Q33-Q52] : Exams Labs Braindumps : http://blog.examslabs.com

Q33. You have delimited a single role which is part of a composite role, and a user comparison for the composite role has been performed. You notice that the comparison did NOT remove the profile assignments for that single role. What program would you run to resolve this situation?

0 PRGN_COMPRESS_TIMES

0PRGN_COMPARE_ROLE_MENU

0 PRGN_DELETE_ACT IVITY_GROUPS

0 PRGN_MERGE_PREVIEW

Q34. What benefits does the SAP Cloud Connector have compared to a 3rd partyreverse proxy solution, when connecting your SAP Cloud Platform with your SAP backend systems? Note: There are 2 correct answers to this question.

It establishes an SSL VPN tunnel to SAP Cloud Platform

It allows for remote invocation by the SAP Cloud Platform only

It can cache SAP proprietary OData packets to improve the response times

It supports multiple application protocols, such as HTTP and RFC

Q35. Which platform services are available in the Cloud Foundry? Note: There are 2 correct answers to this question.

Analytics

Integration

Commerce

Data Quality

Q36. Which of the objects do you assign to an SAP Fiori tile to make it visible in the SAP Fiori Launchpad? Note: There are 2 correct answers to this question.

Group

Role

User

Catalog

Q37. To which services package does SAP Security Optimization Services (SOS) belong?

Application Integration Optimization

Performance Optimization

System Administration Optimization

EarlyWatch Reporting

Q38. How are security relevant objects related in the Cloud Foundry?Note: There are 2 correct answers to this question.

Role Collections have 0 or many roles.

Role Templates have 0 or many attributes.

Role Collections have 0 or many role templates.

Role Templates have 1 or many scopes.

Q39. You are evaluating the “Cross-client object change” option using transact on SCC4 for your Unit Test Client in the development environment. Which setting do you recommend?

Changes to repository and cross-client customizing allowed

No changes to repository and cross-client customizing objects

No changes to cross-client customizing objects

No changes to repository objects

Q40. What is the User Management Engine (UME) property “connect on pooling” used for? Note: There are 2 correct answers to this question.

To improve performance of requests to the LDAP directory server

To avoid unauthorized request to the LDAP directory server

To create a new connect on to the LDAP directory server for each request

To share server resources among requesting LDAP clients

Q41. Why should you create multiple dispatchers in SAP Identity Management? Note: There are 2 correct answers to this question.

To accommodate scalability

To support fail-over scenarios

To handle password provisioning

To handle special network access requirements

Q42. Where does SAP HANA store the values for the default Password Policy parameter? Note: there are 2 correct answers to this question.

attributes.ini

indexserver.ini

nameservice.ini

global.ini

Q43. You want to configure SNC with X.509 certificates using Common CryptoLib as the cryptographic library in a new installed AS ABAP system. Besides running SNCWIZARD, what do you need to set up for this scenario? Note: There are 2 correct answers to this question.

Set the environment variable CCL_ PROFILE to the default profile file path

Maintain the relevant CCL/SNC/’ profile parameters

Set the environment variable CCL_ PROFILE to SECUDIR

Set the CCL SNC parameters using sapgenpse

Q44. A security consultant has activated a trace via ST01 and is analyzing the authorization error with Return Code 12. What does the Return Code 12 signify?

“Objects not contained in User Buffer”

“No authorizations and does NOT have authorization object in their buffer”

“No authorizations but does have authorization object in their buffer”

“Too many parameters for authorization checks”

Q45. You want to launch classic SAP GUI transactions directly from the SAP Fiori Launchpad. Which of the following scenarios do you choose?

Chrome, SAP Enterprise Portal, SAP GUI for Java

Chrome, SAP Cloud Platform, SAP GUI for Java

Internet Explorer, ABAP front-end server, SAP GUI for Windows

Internet Explorer, SAP Business Client, SAP GUI for Windows

Q46. What does return code 1 2 mean when performing STAUTHTRACE?

An invalid user name was specified in user

Too many parameters for authorization checks

No authorization but does have authorization object in user buffer

No authorization and no authorization object in user buffer

Q47. What are characteristics of SAP HANA Deployment Infrastructure (HDI) roles? Note: There are 2 correct answers to this question.

They are transportable between systems.

They are managed by the native HDI version control.

They are granted using database procedures.

They are owned by the user who creates them.

Q48. Which authorization object is required to support trusted system access by an RFC user following the configuration of a Managed System in SAP Solution Manager?

S_RFCACL

S_ACL_HIST

S_RFC_TT

S_RFC_TTAC

Q49. How can you protect a table containing sensitive data using the authorization object S_TABU_DIS?

The tables containing sensitive data must be named using the authorization object S_TABU_NAM for all responsible administrators. The DICBERCLS fields of the S_TABU_DIS object can then be filled with *.

Authorization table groups containing tables with sensitive data must be defined in the TDDAT table and these must be omitted for anyone who does not need access to these tables.

The DICBERCLS field of the authorization object must enumerate all table names of the tables containing sensitive data.

The tables containing sensitive data must be associated with table groups in the TBRG table.

Q50. The SSO authentication using X.509 client certificates is configured. Users complain that they can’t log in to the back-end system. The trace file shows the following error message: “HTTP request [2/5/9] Reject untrusted forwarded certificate”. What is missing in the configuration? Note: There are 2 correct answers to this question.

On the back-end, the profile parameter icm/HTTPS/verify client must NOT be set to 0

On the web-dispatcher, the SAPSSLS.pse must be signed by a trusted certification authority

On the web-dispatcher, the profile parameter icm/HTTPS/verify_client must be set to 0

The web dispatcher’s SAPSSLC.PSE certificate must be added to the trusted reverse proxies list in icm/trusted_reverse_proxy_<xx>

Q51. Who can revoke a runtime role from a user in the SAP HANA tenant database? Note: There are 2 correct answers to this question. Note: there are 2 correct answers to this question.

Anyone with “ROLE ADMIN”

The grating user

The owner of the HDI container

The DBACOCKPIT user

Q52. How is the role concept applied for modeled authorizations based on Core Data Services (CDS) views?

CDS roles are mapped to the CDS view in the access rules.

CDS roles are defined in the WHERE clause when calling a CDS view in Open SQL.

CDS roles are defined for the CDS views and implicitly applied to each user.

CDS roles are defined for CDS views in Object Navigator.