Certificacion

Question

How do you check that only appropriate users have access to sensitive data in the production system?

Answer 1

Confirm that the user group SUPER is assigned to all administrators using the transaction SUGR

Answer 2

Search for sensitive transactions calls by business users in the security audit log using transaction SM20

Answer 3

Search for roles containing critical authorization objects assigned to users in the production system using transaction SUIM

Answer 4

Check if SAP standard roles are assigned in production systems

Answer 5

The customer`s auditor

Answer 6

SAP Active Global Support (AGS)

Answer 7

The project Manager

Answer 8

SAP Consulting

Answer 9

The customer’s security team

Answer 10

SAP NetWeaver Identity Management (IdM)

Answer 11

SAP GRC Access Control module Access Request Management (ARQ)

Answer 12

SAP Central User Management ( CUA)

Answer 13

SAP Solution Manager

Answer 14

Each system must have its timeout mechanism set to inactive

Answer 15

Each system must have the same security level requirements

Answer 16

Each system must disable modifications to the system ID, system number and destination name

Answer 17

Each system must be defined in the corresponding partner system

Answer 18

For background processing

Answer 19

To receive additional authorizations

Answer 20

For dialog-free communication

Answer 21

For a dialog logon

Answer 22

Controlling and logging connections to SAP systems

Answer 23

Replacing the corporate firewall

Answer 24

Load balancing for better network performance

Answer 25

Granting access to only selected SAP router and systems

Answer 26

A. Assign by associating the users with the variable MISKEY

Answer 27

B. Assign as tasks that includes roles

Answer 28

C. Assign as privileges with the attribute MXREF_MX_PRIVILEGE

Answer 29

D. Assign by starting the SU01 transaction from the Identity Management Control

Answer 30

Validity period

Answer 31

Issuing system

Answer 32

Receiver system public key

Answer 33

User password

Answer 34

Performance check

Answer 35

Configuration check

Answer 36

Communication posts check

Answer 37

SAProutlab check

Answer 38

Landscape check

Answer 39

Create entrees with deny (D) at the end of SAProutlab file

Answer 40

Create a personal security environment

Answer 41

Restart the SAP Web Dispatcher after configuration

Answer 42

Restart the SAP backend server after changing the SAP Web Dispatcher

Answer 43

Secure Login Library is used as a cryptographic library for SAP Netweaver as ABAP

Answer 44

Secure Login Server is used as a central service to provide X 509 user certificates

Answer 45

Secure Login Client is used as a server application that provides security tokens

Answer 46

Secure Login Library is used as a cryptographic library for SAP Netweaver as Java

Answer 47

For the “default” security policy profile, it is possible to log on to AS Java and a password change is forced

Answer 48

For the “unknown” security policy profile, the log on to AS Java depends on AS ABAP user type

Answer 49

For the “internal service user” security policy profile, it is possible to log on to AS Java

Answer 50

For the “technical user” security policy profile, a password change is forced

Answer 51

Encrypting a LDAP connection to a LDAP directory

Answer 52

Protecting the integrity of transmitted data

Answer 53

Encrypting a HTTP connection between web browser and application gateway

Answer 54

Providing cryptographically strong mutual authentication

Answer 55

Sufficient

Answer 56

Re- encrypts secure sockets layer (SSL) encrypted requirements

Answer 57

Enables deep packet inspection of TCP/IP traffic

Answer 58

Filters URLs of http/https requests

Answer 59

Replaces a firewall

Answer 60

Enable load balanced

Answer 61

Maintain attribute mapping

Answer 62

Import the staging area template

Answer 63

Create an identify store for data staging

Answer 64

Create the export query

Answer 65

Standard SSL client PSE

Answer 66

Anonymous SSL client PSE

Answer 67

Individual SSL client PSE

Answer 68

System SSL client PSE

Answer 69

Digital Encryption Standard (DES)

Answer 70

International Data Encryption Algorithm (DEA)

Answer 71

Advanced Encryption Standard (AES)

Answer 72

Conduct internal survey of security procedures

Answer 73

Document the design of significant controls

Answer 74

Identify resulting issues and monitor remediation

Answer 75

Enforce internal audit recommendations

Answer 76

Perform an evaluation of control design and effectiveness

Answer 77

Writing data to external repositories

Answer 78

Updating the identify stores

Answer 79

Monitoring the execution queues

Answer 80

Evaluating task and workflow expressions

Answer 81

Starting a runtime engine when a job or a task is to be executed

Answer 82

Implement a central user management system and create an RFC connection

Answer 83

Create roles in the target system using an initial load job

Answer 84

Create a repository containing access data to the target system

Answer 85

Create a computing centre management system (CCMS) job in the back-end system

Answer 86

S_USER_GRP

Answer 87

S_USER_AGR

Answer 88

S_USER_SYS

Answer 89

S_USER_SAS

Answer 90

To route HTTP protocols inside a customer network

Answer 91

To grant access to encrypted connections from a known partner

Answer 92

To route SMTP protocols inside a customer network

Answer 93

To grant access only to other selected SAProuters

Answer 94

Only profiles can be assigned to the service users

Answer 95

A check for password expiration is always performed for the service user at logon

Answer 96

Multiple logons are allowed for the service users

Answer 97

A password is always required for the service user

Answer 98

Message Digest Algorithm (MDA)

Answer 99

US Secure Hash Algorithm (SHA)

Answer 100

International Data Encryption Algorithm (IDEA)

Answer 101

In AS Java the user-relevant data is stored both in the AS Java and on the LDAP Server

Answer 102

In AS Java the user-relevant data is stored on the LDAP server

Answer 103

In AS ABAP the user-relevant data is stored only in the LDAP server

Answer 104

In AS ABAP the user-relevant data is stored both in the AS ABAP and on the LDAP

Answer 105

The tables containing sensitive data have to be named using the authorization object S_TABU_NAM for all responsible administrator

Answer 106

The tables containing sensitive data have to be associated with table groups in table TBRG

Answer 107

Authorization table groups containing tables with sensitive data have to be declined in table TDDAT and these must be omitted for…

Answer 108

The field DICBERCLS of the authorization object has to enumerate all table names of the tables containing sensitive data

Answer 109

Hypertext Transfer Protocol (HTTP)

Answer 110

Simple mail Transfer Protocol (SMTP)

Answer 111

Application Programming Interface (API)

Answer 112

Hypertext Transfer Protocol Secure (HTTPS)

Answer 113

Preparation

Answer 114

Implementation

Answer 115

Analysis and conception

Answer 116

Quality assurance and tests

Answer 117

Directory service using LDAP

Answer 118

ABAP based repository

Answer 119

Internal system database

Answer 120

Universal description, Discovery and Integration (UDDI) provider

Answer 121

Database management system (DEMS) provider

Answer 122

ABAP_TRANSPORTS

Answer 123

ABAP_NOTES

Answer 124

a. Analyse business needs b. Check SAP delivered roles c. Generate profiles for SAP roles d. Assign these roles accordingly

Answer 125

a. Analyse business needs b. Check SAP delivered roles c. Create custom roles d. Assign these roles accordingly

Answer 126

a. Check SAP delivered roles b. Add rights into SAP delivered roles c. Generate profiles for SAP roles d. Assign these roles accordingly

Answer 127

a. Analyse business needs b. Create roles without extended access c. Generate profiles for the custom roles d. Assign these roles accordingly

Answer 128

Attribute Mapping

Answer 129

User provisioning

Answer 130

Value conversion

Answer 131

Approvals workflow

Answer 132

EAM controller

Answer 133

Super user auditor

Answer 134

EAM administrator

Answer 135

Security audit log reviewer

Answer 136

Lock transaction SE 16N to prevent access to custom data

Answer 137

Assign authorization for transaction SA38 to users who have access to custom data

Answer 138

Ensure that proper controls are in place if custom programs or function modules access critical tables

Answer 139

Include AUTHORITY-CHECK statements for all custom programs that access custom data

Answer 140

Link custom programs to custom transactions codes

Answer 141

For system-to-system communication with 1 to n recipients

Answer 142

For system-to-system communication using RFC or HTTP

Answer 143

For system-to-system communication with 1 to n recipients where immediate consumption is needed

Answer 144

For system communication using cross-system single sign-on (SSO)

Answer 145

Create roles based on traces made with STATUTHRACE and assign them to the appropriate users

Answer 146

Generate profiles for SAP delivered roles and assign them to the appropriate users

Answer 147

Define the transactions administrators should be able to use, create appropriate PFCG roles and assign those roles to the…

Answer 148

Assign SAP delivered profiles to the appropriate users

Answer 149

Overload control and request prioritizing

Answer 150

Extensible transformation framework

Answer 151

In-memory cache

Answer 152

Identify store

Answer 153

Abstraction layer

Answer 154

Attribute filtering

Answer 155

Value mapping

Answer 156

Namespace conversion

Answer 157

To create a new connection to the LDAP directory server for each request

Answer 158

To improve performance of requests to the LDAP directory server

Answer 159

To avoid unauthorized request to the LDAP directory server

Answer 160

To share server resources among requesting LDAP clients

Answer 161

To log changes in application data

Answer 162

To log changes in master data

Answer 163

To log changes in customizing tables

Answer 164

To log changes in table technical settings

Answer 165

Written in an encrypted email to the support employee with an sap.com email address

Answer 166

By enabling the Early Watch user and setting the password to SUPPORT

Answer 167

Included in the support message with the username

Answer 168

Delivered via the secure store in the SAP Service Marketplace

Answer 169

Structured Query Language (SQL) injection

Answer 170

Cross-site scripting (XSS)

Answer 171

Message flooding

Answer 172

Exposure of the identify store

Answer 173

External communication

Answer 174

Provisioning

Answer 175

Data synchronization

Answer 176

Started RFC server program

Answer 177

Gateway security program

Answer 178

Registered RFC server program

Answer 179

RFC client program

Answer 180

Communication

Answer 181

The firefighter controller assigns the support user to the firefighter ID

Answer 182

The EAM owner of the firefighter ID maintains the association to the responsible support user

Answer 183

The EAM firefighter ID user has to be assigned to the role Z_SAP_GRAC_SPM_FFID

Answer 184

The EAM administrator has to provide the password to the end user for the firefighter ID users who is responsible for…

Answer 185

The roles Z_SAP_GRC_FN_BASE and Z_SAP_GRC_FN_BUSINESS_USER must be assigned to the support user…

Answer 186

Intrusion prevention

Answer 187

Packet filter

Answer 188

Reverse proxy

Answer 189

Application-level gateway

Answer 190

Private key

Answer 191

Public key

Answer 192

Secret key

Answer 193

Private/Public key pair

Answer 194

Select the internal and external members of the project team

Answer 195

Build a project plan to implement an authorization concept

Answer 196

Determine the business requirements for the customer doing the implementation

Answer 197

Define the authorization concept for how roles should be built

Answer 198

Use report RSUSR0008_009_NEW appropriate variant

Answer 199

Use SAP governance, risk and compliance with a configured SoD matrix

Answer 200

Use transaction SUIM

Answer 201

Use STAUTHTRACE

Answer 202

Check user profiles after upload in the destination system

Answer 203

Assign roles and reconcile the user master data after the upload

Answer 204

Generate profiles of the roles immediately after the upload

Answer 205

Change number range for transports in the destination system

Answer 206

Organization unit

Answer 207

In the Certification Authority (CA) inventory

Answer 208

In the Internet Communications Manager (ICM)

Answer 209

In the table STRUSTSSL

Answer 210

In the table USREXTID

Answer 211

Replace the saprules.xml file in the installation directory

Answer 212

Make special permissions to files in the installation directory available to the end user

Answer 213

Protect the registry key by disallowing user access to the reedit program

Answer 214

Save the SAPGUI client user security rules file “saprules.xml” in the directory %APPDATA%/SAP/Common

Answer 215

Use the SNC Client Encryption software for the SAPGUI

Answer 216

Encrypting a LDAP connection to a LDAP directory

Answer 217

Protecting the integrity of transmitted data

Answer 218

Encrypting a HTTP connection between web browser and application gateway

Answer 219

Providing cryptographically strong mutual authentication

Answer 220

The certificates of trusted certificate authorities

Answer 221

The private key

Answer 222

The password hash of the user account

Answer 223

The public key certificate

Answer 224

The secure network communication name of the user

Answer 225

Run the RSURS200 report to viewer users by logon date and password change

Answer 226

Execute the AL08 transaction for an overview of active users

Answer 227

Run the RSURS002 report to view users by complex selection criteria

Answer 228

Run the RFALD006_BCE report to view the number of user master records

Answer 229

SAP Security Optimization Service

Answer 230

SAP User information System

Answer 231

SAP Security Audit Log

Answer 232

SAP Computing Centre Management System

Answer 233

SAP Early Watch Alert

Answer 234

To display the transactions contained in roles

Answer 235

To compare users across SAP systems

Answer 236

To list the users logged on to the SAP systems

Answer 237

To report authorization errors

Answer 238

To compare roles within an SAP system

Answer 239

a. Create on import SNC personal security environment (PSE) b. Establish trust relationship c. Set SNC profile parameters d. Create credentials e. Install SAP Cryptographic library f. Restart Application Server Java

Answer 240

a. Install SAP Cryptographic library b. Create on import SNC personal security environment (PSE) c. Create credentials d. Establish trust relationship e. Set SNC profile parameters f. Restart Application Server Java

Answer 241

a. Set SNC profile parameters b. Establish trust relationship c. Create credentials d. Install SAP Cryptographic library e. Create on import SNC personal security environment (PSE) f. Restart Application Server Java

Answer 242

a. Install SAP Cryptographic library b. Create credentials c. Create on import SNC personal security environment (PSE) d. Set SNC profile parameters e. Establish trust relationship f. Restart Application Server Java

Answer 243

Enabling multiple access points to data

Answer 244

Modifying name spaces

Answer 245

Preventing LDAP access to data

Answer 246

Manipulating attribute values

Answer 247

Grants access to all spool requests in the current client

Answer 248

Grants access to your own spool requests

Answer 249

Grants access to named user requests

Answer 250

Grants access to all spool requests in all clients

Answer 251

Offers two types of audit reports: system and business

Answer 252

Roles are built from modes in the implementation guide (IMG)

Answer 253

Report selection variables are configured quickly during setup

Answer 254

In used by both internal and external auditors

Answer 255

Starts with aa single transaction code SECR

Answer 256

Use transaction SUIM to check the assignment of sensitive roles to users

Answer 257

Implement and use the Access request Management module of SAP Governance Risk and Compliance

Answer 258

Create appropriate roles and assign these roles to the right users to protect the assignment

Answer 259

Configure the audit system to check the usage of sensitive actions

Answer 260

Communication

Answer 261

a. Update the user master records b. Edit and generate authorization profiles c. Assign transactions to job descriptions d. Maintain roles using role maintenance e. Assign user

Answer 262

a. Assign user b. Maintain roles using role maintenance c. Assign transactions to job descriptions d. Edit and generate authorization profiles e. Update the user master records

Answer 263

a. Assign transactions to job descriptions b. Maintain roles using role maintenance c. Edit and generate authorization profiles d. Assign user e. Update the user master records

Answer 264

a. Assign transactions to job descriptions b. Maintain roles using role maintenance c. Assign user d. Update the user master records e. Edit and generate authorization profiles

Answer 265

Open the role and review the users tab in the transaction PFCG

Answer 266

Run the RSUSR100 report with appropriate filters

Answer 267

Start the SM20 transaction to view the security audit log

Answer 268

Review the tab profiles in the transaction SU01

Answer 269

Transaction

Answer 270

User parameter

Answer 271

Authorization object

Answer 272

Increase margin contribution

Answer 273

Optimize the cross-border supply chain

Answer 274

Automate manual tasks

Answer 275

Better management of global trade operations

Answer 276

Ensure ongoing compliance

Answer 277

Relevant operating system updates

Answer 278

Correction notes for ABAP and Java

Answer 279

Customer support messages

Answer 280

A domain reverse to establish proxy must be mentioned in the SAP Support ticket

Answer 281

SAP service Marketplace system ID must be associated with the support employee

Answer 282

The S-User ID and the password of the requestor must be mentioned in the SAP Support ticket

Answer 283

The SAProuter must be configured in the customer’s Solution Manager.

Answer 284

Analyses security vulnerabilities within an enterprise `s SAP Landscape to ensure optimal protection against intrusions

Answer 285

Analysis your operating system database and entire SAP system to ensure optimal performance and reliability

Answer 286

Check the SAP systems and SAP middleware components against defined configurations

Answer 287

Prioritices and delivers results with recommendations to resolve identified vulnerabilities

Answer 288

Modifies system parameters to resolve security issues.

Answer 289

Basis administrator authorizations are assigned to customize the production system

Answer 290

S_TRANSPRT authorization object is needed by the transport administrator

Answer 291

Developer authorizations must be assigned in production environment

Answer 292

TMSADM is needed as the Remote Function Call (RFC) user

	Creado por Juan Carlos Sanchez hace casi 8 años

Siguiente

Certificacion

Descripción

Resumen del Recurso

Pregunta 1

Pregunta 2

Pregunta 3

Pregunta 4

Pregunta 5

Pregunta 6

Pregunta 7

Pregunta 8

Pregunta 9

Pregunta 10

Pregunta 11

Pregunta 12

Pregunta 13

Pregunta 14

Pregunta 15

Pregunta 16

Pregunta 17

Pregunta 18

Pregunta 19

Pregunta 20

Pregunta 21

Pregunta 22

Pregunta 23

Pregunta 24

Pregunta 25

Pregunta 26

Pregunta 27

Pregunta 28

Pregunta 29

Pregunta 30

Pregunta 31

Pregunta 32

Pregunta 33

Pregunta 34

Pregunta 35

Pregunta 36

Pregunta 37

Pregunta 38

Pregunta 39

Pregunta 40

Pregunta 41

Pregunta 42

Pregunta 43

Pregunta 44

Pregunta 45

Pregunta 46

Pregunta 47

Pregunta 48

Pregunta 49

Pregunta 50

Pregunta 51

Pregunta 52

Pregunta 53

Pregunta 54

Pregunta 55

Pregunta 56

Pregunta 57

Pregunta 58

Pregunta 59

Pregunta 60

Pregunta 61

Pregunta 62

Pregunta 63

Pregunta 64

Pregunta 65

Pregunta 66

Pregunta 67

Pregunta 68

Pregunta 69

Pregunta 70

Pregunta 71

Pregunta 72

Pregunta 73

Pregunta 74

Pregunta 75

Pregunta 76