MCQs | SAP GRC/SAP Security Multiple choice Questions Sample Test,Sample questions

Question:
A new single role is created and only one custom transaction code Z123 is added to the role menu. How many authorization objects should be available in the authorization data when a user goes to generate the role?

1.At least two authorization objects

2.No authorization object since this is a custom transaction code

3.At least one authorization object

4.None of the above


Question:
A role contains several profiles. Which of the following tables can fetch that list?

1.agr_prof

2.agr_1016

3.agr_1250

4.agr_define


Question:
As per the options given below, please select the one which is checked second when a user executes a transaction code? |

1.Check to see if the tcode exists in the SAP system or not

2.Check to see if the tcode is locked or not

3.Check in the user buffer to see if the user has necessary authorization objects with necessary field values as per the “Authority-Check” statements

4.Check in the user buffer to see if the authorization object S_TCODE contains the executed transaction code


Question:
Default password for SAP standard user SAP* is :

1.06071995

2.06071992

3.06081992

4.None of these


Question:
Old Security audit logs can be deleted using tcode:

1.SM20

2.SM22

3.SM19

4.SM18


Question:
RFC ABAP Type 3 is created between two systems using transaction code SM59. During RFC call, what authorization object will be checked in the source system?

1.S_RFC

2.S_RFCACL

3.S_ICF

4.None of These


Question:
Security Java security roles on the AS Java can be defined either globally or locally. Which of the following are globally defined security roles in AS Java?

1.Guest

2.All

3.System

4.KeystoreViewCreator


Question:
The AS ABAP categorizes users into several types for different purposes. Which of the following are NOT valid user types in AS ABAP.

1.Service

2.Reference

3.Guest

4.System


Question:
The As ABAP communicates with its communication partners using various protocols. Each of these protocols use a specific security mechanism. which of the following protocols are matched up correctly with the security mechanism?

1.DIAG'--SSL

2.RFC--SSLS

3.HUP--SNCS

4.LDAP - SSL


Question:
The user buffer can be displayed using transaction code:

1.AL11

2.SU56

3.AL08

4.SU53


Question:
The User Management Engine (UME) allows you to define a security policy, with reference to this, which of the following statements are true?

1.The number of failed logon attempts after which a user is locked, is defined in the security policy.

2.The UME security policy is independent of the security policy of the UME data source

3.You can define a security policy for the UME that is the same or stronger than the corresponding security policy in the backend system.

4.None of these


Question:
Transaction code text can be displayed using table:

1.TSTCT

2.TACTZ

3.TBRG

4.TPGP


Question:
What are the best practices for establishing a connection type Establishing Trust for Server-Sideauthentication?

1.Generate the key pair on the server component.

2.Use a public-key certificate that is signed and issued by a CA

3.Make sure the client components trust the issuing CA.

4.All of the above


Question:
What reports/programs can be used to regenerate SAP_ALL profile?

1.RSUSR406

2.PFCG_TIME_DEPENDENCY

3.AGR_REGENERATE_SAP_ALL

4.RSUSR004


Question:
Which of the following actions are not present in user action field for authorization object S_PROGRAM?

1.CREATE

2.DISPLAY

3.both (a) and (b)

4.none of these


Question:
Which of the following is false?

1.Programs are cross-client data

2.A table may be client specific

3.Tcode RZ11 is used to maintain the profile parameters

4.None of the above


Question:
Which of the following SAP tables can help in determining the single roles which are assigned to a given composite role?

1.AGR_DEFINE

2.AGR_1016

3.AGR_AGRS

4.AGR_1252


Question:
With reference to the LDAP directory, and the UME, which of the following are true?

1.The LDAP directory can either be connected as a read-only data source or as a writeable data source

2.The UME can support Users as a tree or a Flat hierarchy

3.The Distinguished Names (DNs) of user and group objects must not be longer than 240 characters.

4.If you are using an LDAP directory with a deep hierarchy, you can assign users or groups as members of another group using the UME user administration tools.


Question:
You have a mixed system landscape including both SAP and non-SAP systems, or you have an existing corporate LDAP directory in your system landscape. User management data is stored in a combination of an LDAP server and a database. Which of the following data is written to and read from the IDAP server?

1.Additional data (for example, information about when a user was last changed)

2.Other principal types (for example, roles)

3.Groups (displayname, description, uniquename, and the group members)

4.User accounts (logonid, password, ID of the assigned user)


More MCQS

  1. SAP Security Multiple choice Questions
Search