SAP P_TSEC10_75 ACTUAL EXAM QUESTIONS

Question # 1

What is the transaction of the Internet Communication Framework (ICF)?

A. SICF
B. SERT
C. SDFG

Show Answer

Question # 2

In which transaction can you release the change request to transport? 

A. SE09
B. SE10
D. SE08

Show Answer

Question # 3

Authorization Profile that defines the profile names for which an administrator has authorization and the activities that are allowed?

A. S_USER_GRP
B. S_USER_AUTH
C. S_USER_PRO

Show Answer

Question # 4

3 enterprise portal authentication mechanisms:

A. User Id/Password (Form based iView) X. 509 digital certificate
B. Third party authentication (Windows)
C. Use external authentication (snc/extid_login_diag)

Show Answer

Question # 5

What are the 2 main options to create and save audit filters?

A. Create and save filters permanently in the database
B. Change filters dynamically
C. Create and save filter temporary in the database

Show Answer

Question # 6

Which special user is delivered in the client 066?

A. DDIC
B. Early Watch

Show Answer

Question # 7

Which profile parameter can you use in order to specify the use of S_RFC?

A. Name of RFC to be protected
B. Activity
C. auth/rfc_authority_check

Show Answer

Question # 8

What is the transaction to view the change document for an object

A. SCDO
B. SFED
C. SCGH

Show Answer

Question # 9

Which authorization object enforces that one person can create the role, but another person must generate the role? 

A. S_USER_AUT
B. S_USER_PRO

Show Answer

Question # 10

What are the 3 standards approval steps and their authorization object, value and default value?

A. By request owner
B. By user department

Show Answer

Question # 11

Profile parameter: minimum length of the logon password

A. login/fails_to_session_end
B. login/min_password_lng
C. Login/fails_to_user_lock

Show Answer

Question # 12

How do you protect access to the ITS service and template files?

A. Using groups at the operating system level
B. Using groups at the creation dolmen level

Show Answer

Question # 13

X.509 client certificates: which table is responsible for the user mapping?

A. USREXTID
B. UDBNVVD
C. UFSKSDHD

Show Answer

Question # 14

What are the 2 main components of the AIS reporting tree? 

A. System auditing functions
B. Business auditing functions

Show Answer

Question # 15

ITS configuration: What is the difference between a single host configuration and a dual host configuration?

A. Single Host
B. Dual Host
C. Multiple Host

Show Answer

Question # 16

What are the 2 fields of the authorization object S_TABU_DIS

A. DICBERCLS
B. ACTVT
C. Odet fee

Show Answer

Question # 17

What are the 4 supported check indicators for transactions?

A. No check
B. Unmaintained
C. Check
D. Check/Maintain

Show Answer

Question # 18

Which transaction displays the table change log? 

A. SCU3
B. SCU2

Show Answer

Question # 19

Authorization object that defines the user groups for which an administrator has authorization and the activities that are allowed?

A. S_USER_GRP
B. S_USER_AUTH
C. S_USER_PRO

Show Answer

Question # 20

The client change option does not override the system change option (t/f)? 

A. TRUE
B. FALSE

Show Answer

Question # 21

7 activities of the ICM monitor?

A. Start and Stop the ICM
B. Set trace level, view logs
C. View profile parameters settings View statistics
D. View memory pipe informationView active services
E. Monitor service cache

Show Answer

Question # 22

What contains the Personal Security Environment (PSE)

A. Public key
B. Private key
C. Server‘s public-key certificate
D. Certificates of trusted CAs (certificate list)

Show Answer

Question # 23

What is the important property of catalog roles in SAP HANA?

A. Catalog roles are transportable
B. Privilege revocation is transitive
C. _SYS_REPO needs to be granted privileges on data

Show Answer

Question # 24

SAP offers many types of systems and applications. Each type of SAP system (mySAP CRM, SAP BW, SAP R/3, mySAP SRM, SAP APO) is so varied that the systems do not share security tools or security services. Determine whether this statement is true or false 

A. True
B. False

Show Answer

Question # 25

What is the table for the SNC System access control list

A. SNCSYSACL
B. SNFDJDEVM

Show Answer

Question # 26

What is the audit log’s main objective? (3 points) 

A. Security-related changes
B. Higher level of transparency
C. Enables the reconstruction of a series of events

Show Answer

Question # 27

Which of the following are security advantages to a three-tier landscape?

A. Ensure changes occur only on development system.
B. Ensure changes occur only on your production system.
C. Developers do not have access to production data.
D. You control when changes are moved into production.
E. You can test changes in a QA system

Show Answer

Question # 28

Which program start the external command after it has passed the gateway?

A. gw/sec_info
B. Sapxpg

Show Answer

Question # 29

What is the default password of the user SAP*? 

A. SAP*
B. PASS
C. PASS

Show Answer

Question # 30

What are the 3 constraints of the logon ticket?

A. same DNS,
B. user Id identical in all systems,
C. user must accept session cookies

Show Answer

Question # 31

What is the difference between System Access Control and Role based Access control?

A. Organizational Measures
B. Technical Measures
C. Environmental measures
D. Access Control
E. System Access Control

Show Answer

Question # 32

Which of the following are logs that exist in an SAP system? (More than one answer is correct).

A. Webflowlogs
B. Application logs
C. Change documents logs
D. User and authorization change logs

Show Answer

Question # 33

Which command displays all connections and listening ports on your computer? 

A. netstat –a
B. netstat –b

Show Answer

Question # 34

Derived roles: is the user assignment inherited?

A. True
B. False

Show Answer

Question # 35

What are the return codes after the authorization check with the ABAP object authoritycheck? 

A. The user has the authorization for the object and the fields value
B. The user has the authorization for the object, but not for filed value
C. The user has no authorization
D. No profile is entered in the user master record

Show Answer

Question # 36

Which authorization object is needed to execute external commands?

A. Sapxpg
B. S_RZL_ADM
C. S_LOG_COM

Show Answer

Question # 37

Which table specifies that WebRFC users can log on using the AGate‘s SNC-protected connection? 

A. USRACLEXT
B. USRACJFFXL

Show Answer

Question # 38

What are the 2 status texts about authorizations after a comparison?

A. Old
B. New

Show Answer

Question # 39

Of which fields consist the authorization S_TABU_DIS? 

A. DICBERCLS: Authorization group for ABAP Dictionary objects (only tables/views assigned to authorization group “V*” (DICBERCLS=V*) may be maintained.)
B. ACTVT: Activity (02, 03)
C. ACTVT: Activity (05, 07)

Show Answer

Question # 40

Which table maps the Authorization Group to a list of tables?

A. TDDAT
 B. TPPDE

Show Answer

Question # 41

What are the 3 authorization objects required to create and maintain user master records? 

A. S_USER_GRP
B. S_USER_PRO
C. S_USER_AUT

Show Answer

Question # 42

What are the 3 types of encryption? 

A. Symmetric
B. Asymmetric
C. Sdfmmetric

Show Answer

Question # 43

What is the transaction for the system trace tool?

A. ST01
B. ST02
C. ST03

Show Answer

Question # 44

What is the transaction to display an overview of the modifications and enhancement found in the system that you can search by Last transport request or Request/Task? 

A.  SE95
B. SE96
C. SE97

Show Answer

Question # 45

Derived roles: Can the inherited roles be changed? 

A. True
B. False

Show Answer

Question # 46

What are the 5 majors authorisation objects used to protect which transaction codes a user can access and for which product are they meant to be?

A. S_TCODE
B. Q_TCODE
C. E_TCODE

Show Answer

Question # 47

What is the transaction of the ICM monitor?

A. SMICM
B. SHDFK
C. SIFIDH

Show Answer

Question # 48

Which authorization object is provided to create and maintain users and assignments in a decentralized fashion with user groups

A. S_USER_GRP
B. S_CHANGE_GRP
C. S_CHATLOG_GRP

Show Answer

Question # 49

What is the transaction to maintain and activate the security audit log?

A. SM19
B. SM20
C. SM21

Show Answer

Question # 50

Which ABAP object used to check the authorization object assigned to the transaction?

A. TSTCA
B. Authoritycheck

Show Answer

Question # 51

Which of the authorization objects protect transaction code execution?

A. S_TCODE
B. P_TCODE
C. Q_TCODE

Show Answer

Question # 52

Profile parameter: If the parameter is set to 1 (default), user locks caused by incorrect logons during previous d ays are not taken into consideration. If the value is set to 0, the lock is not removed

A. login/fails_to_session_end
B. login/min_password_lng
C. Login/fails_to_user_lock
D. login/failed_user_auto_unlock

Show Answer

Question # 53

At which level is it possible to enforce the changes? 

A. System
B. client
C. viable

Show Answer

Question # 54

Profile parameter: If this parameter is set to value 1, the system blocks multiple SAP dialog logons (in the same client and with the same user name) 

A. login/fails_to_session_end
B. login/disable_multi_gui_login

Show Answer

Question # 55

Profile parameter: If this parameter is set to value 1, the system blocks multiple SAP dialog logons (in the same client and with the same user name) 

A. login/fails_to_session_end
B. login/disable_multi_gui_login
C. login/min_password_lng

Show Answer

Question # 56

Which user group should be assigned to the users SAP*, DDIC, EARLYWATCH?

A. user group Support
B. user group SUPER

Show Answer

Question # 57

Authorization that defines the authorization object name and the authorization name for which an administrator has authorization and the activities that are allowed ? 

A. S_USER_GRP
B. S_USER_AUTH
C. S_USER_PRO

Show Answer

Question # 58

What are the 4 steps required to setup the AIS

A. Copy the SAP role
B. Update the roles
C. Create a user for the auditor
D. Assign the roles

Show Answer

Question # 59

Which authorization object gives access to many administration functions?

A. S_AGFI_FCD
B. S_AFGI_FCD

Show Answer

Question # 60

How to combine the 2 worlds (SAP GUI and web)?

A. Using logon tickets, ITS and SAP shortcuts
B. Logon tickets is passed to the SAP shortcuts using ITS service wngui
C. Only from web to traditional (traditional to web not supported)

Show Answer

Question # 61

How entries in the Table USR40 (Invalid passwords) can be made generically? 

A. ? denotes a single character
B. * denotes a character string

Show Answer

Question # 62

What is the profile parameter to define the maximum of filters that can be used?

A. Rsau/creation_slot
B. rsau/selection_slot

Show Answer

Question # 63

Authorization that defines the transactions that an administrator may include in a role?

A. S_USER_GRP
B. S_USER_AUTH
C. S_USER_PRO
E. S_USER_TCD

Show Answer

Question # 64

Which transactions maintain the custom tables USOBX_C and USOBX_T? 

A. RZ11
B. USOBX_C
C. USOBT_C
D. USOBX
E. SU24

Show Answer

Question # 65

What are the 4 types of RFC connections?

A. Synchronous RFC
B. Asynchronous RFC
C. Dsshsdbcvdsa RFC

Show Answer

Question # 66

What is the structure of SAP Router file entry?

A. D: Deny
B. P: Permit
C. S: Permit
D. T:Permit

Show Answer

Question # 67

What is the transaction to access the CCMS alert monitor

A. RZ20
B. RZ21
C. RZ22

Show Answer

Question # 68

Which authorization object defines which table contents may be maintained by which employees?

A. S_TABU_DIS
B. The authorization object S_TABU_DIS controls only complete accesses, which are made using standard table maintenance
C. S_TAEAU_DPS

Show Answer

Question # 69

To which object type are person assigned to in the organizational plan?

A. Position
B. Post

Show Answer

Question # 70

ITS, scalability and load balancing, what are the 6 possible landscape?

A. Single Wgates connects to multiple Agates
B. Separate WGates connects to single Agate
C. Multiple WGates connects to multiple Agates
D. ITS connects to single Application server
E. Using groups at the creation dolmen level
F. Multiple ITS instances connect to single systems
G. ITS connects to message server (Load balancing)

Show Answer

Question # 71

What 3 security goals answer the digital signature? 

A. Integrity
B. Authentication
C. Non-repudiation

Show Answer

Question # 72

Which SAP product transforms the traditional SAP applications to Web-based transactions, so that they are accessible using Internet technology?

A. RFC, Remote function call
B. The ITS, Internet Transaction Server

Show Answer

Question # 73

How can you deactivate the special properties of SAP*?

A. set the system profile parameter
B. login/no_automatic_user_sapstar to a value greater than zero
C. set the new profile parameter

Show Answer

Question # 74

What are the 3 main components of a SAP role?

A. Role Menu
B. Authorization
C. User

Show Answer

Question # 75

CUA: In which transaction is the technical definition of the RFC connection maintained?

A. SM59
B. SM58
C. SM57

Show Answer

Question # 76

What are the 3 main windows of the Organization plan transaction

A. Organizational Structure window
B. Staff Assignments window
C.  Task Profile window

Show Answer

Question # 77

Which authorization object restricts a user’s access rights to specific parts of a table?

A. S_TABU_LIN
B. TDDAT
C. S_TABU_CLI

Show Answer

Question # 78

What are the 2 types of roles implementation strategy?

A. Menu roles
B. Authorization
C. Item roles

Show Answer

Question # 79

By default, authorization profiles are transported with role.What should be set up in order to avoid it?

A. PROFILE_TRANSPORT:=NO
B. Table PRGN_CUST
C. PROFILE_TRANSPORT:=YES

Show Answer

Question # 80

What 3 security goals answer SSF?

A. Integrity
B. Privacy
C. Authentication
D. Unprivacy

Show Answer

Question # 81

4 types of security audit log filters?

A. User
B. Audit Classes
C. Client
D. Security Level

Show Answer

Question # 82

Which authorization component can be transported?

A. User master records
B. Roles
C. Authorization profiles
D. Check indicators

Show Answer

Question # 83

ABAP Workbench components that are protected with S_DEVELOP

A. ABAP development tools
B. ABAP Dictionary and Data Modeler
C. Screen Painter and Menu Painter

Show Answer

Question # 84

What are the 2 main corposants of the ITS

A. Web gate
B. Application gate
C. Transfer gate

Show Answer

Question # 85

Which transaction allows you to see if the TMS Quality Assurance approval procedure has been set up?

A. STMS
B. SAMS
C. SRMS

Show Answer

Question # 86

Which profile parameter set the time for automatic SAPGUI logout? 

A. rdisp/gui_auto_Signin
B. rdisp/gui_auto_logout

Show Answer

Question # 87

What is a characteristic of the pre-delivered 'system-local' package within the SAP HANA repository?

A. It can be assigned to a delivery unit
B. It is used for development testing

Show Answer

Question # 88

What are the 2 possibilities to establish a trust when using the SAPCRYPTOLIB?

A. Either use a single PSE for all communication partner
B. Exchange public-key certificates
C. Using groups at the creation dolmen level

Show Answer

Question # 89

What is the safeguard of Eavesdropping?

A. Safeguard
B. Encryption

Show Answer

Question # 90

Which authorization object and its field enforce the administration function in the change and transport system?

A. TABL
B. INIT
C. IMPA
D. IMPS
E. TADD

Show Answer

Question # 91

How is a system (or a combination of systems) called that protects a networked system from unauthorized or unwelcome access?

A. A firewall
B. B firewall

Show Answer

Question # 92

The security policies are created by the security team in isolation from the business team. Determine whether this statement is true or false.

A. True
B. False

Show Answer

Question # 93

Authorization that defines the roles names for which an administrator is authorized and the activities that are allowed?

A. S_USER_GRP
B. S_USER_AUTH
C. S_USER_PRO
D. S_USER_AGR

Show Answer

Question # 94

Which authorization object enforces administering the spool system (Admin)? Values SP01, SP0R, SPAA, SPAB, SPAC, SPAD, SPAM, SPAR, SPTD, SPTR

A. S_ADMI_FCD
B. S_SPO_PAGE

Show Answer

Question # 95

Profile parameter: list containing the users who may log onto the system more than once is stored

A. login/fails_to_session_end
B. login/multi_login_users
C. login/min_password_lng
D. Login/fails_to_user_lock

Show Answer

Question # 96

Does the user assigned to a position then inherits all authorization profiles of these roles?

A. YES
B. NO

Show Answer

Question # 97

3 kinds of alternatives technologies for the load balancing

A. Hardware load balancer
B. Software load balancer
C. Web switchd

Show Answer

Question # 98

Regardless of the release status, after an upgrade you will have 2 possible statuses? What are they? 

A. Source release did not use PFCG (it might have to be activated)
B. Source release used PFCG (This means that tables USOBT_C and US OBX_C have to be updated as well as the existing roles)
C. Conversion of manually created profiles to roles if necessary (su25)

Show Answer

Question # 99

What is the measure for each source of risk?

A. Organizational Measures
B. Technical Measures
C. Environmental measures
D. Access Control

Show Answer

Question # 100

Which 2 tables control the behavior of the Profile Generator after the transaction has been selected?

A. RZ11
B. USOBX_C
C. USOBT_C

Show Answer

Question # 101

SNC: Where are the private keys stored?

A. In the SDC PSE
B. In the SNC PSE
C. In the SEC PSE

Show Answer

Question # 102

What is an ITS service? 

A. Multiple ITS instances connect to single systems
B. An ITS service is the set of components needed to call an SAP transaction via the ITS

Show Answer