01. Which of these tasks do you perform to implement roles in an AS ABAP authorization project?
Note: There are 3 correct answers to this question.
a) Configure audit log
b) Define role name pattern
c) Create roles in the development system and assign these roles to a transport
d) Mitigate user role assignment
e) List transactions that should be used
02. What ABAP authorization object is required in the central user administration (CUA) to control the assignment of roles to users?
Note: There are 2 correct answers to this question.
a) S_USER_AGR
b) S_USER_SYS
c) S_USER_PRO
d) S_USER_GRP
03. Which of the following is a digital signature algorithm?
Please choose the correct answer.
a) Rivest-Shamir-Adleman (RSA)
b) Hash of variable length
c) Secure hash algorithm (SHA)
d) Message digest algorithm
04. You want to set up a secure system landscape to transport workbench and customizing changes to production. What does SAP recommend you do to set up a secure ABAP transport landscape?
Note: There are 2 correct answers to this question.
a) Implement secure store and forward (SSF) between the SAP servers in the system landscape.
b) Create PFCG roles with authorization objects S_TRANSPRT and S_CTS_ADMI and assign to defined users.
c) Assign import authorizations to developers in the production system.
d) Set up Solution Manager change request management (CHARM) to approve transports into the production system.
05. What protocol can SAP Web Dispatcher use to communicate with the SAP Message Server?
Note: There are 2 correct answers to this question.
a) FTP
b) HTTPS
c) HTTP
d) SMTP
06. Which of the following are components of a personal security environment (PSE)?
Note: There are 2 correct answers to this question.
a) Private and public key pair
b) Digital signature
c) Public-key certificate of the server
d) SAP security library
07. You want to install SAP Web Dispatcher for your system. Your SAP Web Dispatcher should run in a demilitarized zone (DMZ). Which of the following statements are true about ports on the internal DMZ firewall?
Note: There are 2 correct answers to this question.
a) In an AS ABAP scenario you must open the ABAP dispatcher port.
b) In an AS Java scenario you must open the Java dispatcher port.
c) In an AS ABAP+Java scenario you must open the Java and the ABAP Dispatcher port.
d) In an AS Java scenario you must open the ICM (Internet Communication Manager) port.
e) In an AS ABAP+Java scenario you must open the ICM port.
08. Which of the following statements regarding the ICM (Internet Communication Manager) are true?
Note: There are 2 correct answers to this question.
a) One ICM per system controls the access to the corresponding objects (like BSPs) in AS ABAP.
b) Since the ICM is an integral part of each ABAP instance, classical ABAP dynpros can be accessed via http(s).
c) Through the internet communication framework (SICF) the ICM controls access to ABAP objects like BSPs.
d) The ICM server cache utilizes the UFO cache to prevent denial of service attacks.
e) To deactivate the ports of the ICM you have to adapt the corresponding parameters in the instance profile.
09. Which instance parameter is related to the audit files?
Please choose the correct answer.
a) dir/datafiles
b) auth/rfc_authority_check
c) auth/object_disabling_active
d) rsau/local/file
10. Which profile parameter should be adjusted to prevent users from losing their authorizations during profile generation and when importing profiles and/or roles?
Please choose the correct answer.
a) auth/rfc_authority_check
b) auth/auth_number_in_userbuffer
c) auth/new_buffering
d) auth/no_check_in_some_cases