Question No. 1

What does return code 1 2 mean when performing STAUTHTRACE?

AAn invalid user name was specified in user

BToo many parameters for authorization checks

CNo authorization but does have authorization object in user buffer

DNo authorization and no authorization object in user buffer

Show Answer

Correct Answer: C

Return code 12 means that the user does not have the required authorization for an authority check but does have the authorization object in the user buffer. This means that the user has some values for the authorization object but not the ones that are needed for the specific check. Reference: https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true https://help.sap.com/doc/saphelp_nw70ehp3/7.03/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true

Question No. 2

SAP GRC Access Control provides risk analysis for which of the following? Note: There are 2

correct answers to this question.

ABusiness Role Management

BAccess Request Managment

CBusiness Rule Framework

DPassword Self-Service

Show Answer

Correct Answer: A, B

SAP GRC Access Control provides risk analysis for these components. SAP GRC Access Control is a suite of applications that enables you to manage access risks and compliance across your SAP systems and landscapes. Business Role Management is a component that allows you to design and maintain business roles based on user tasks and functions, and analyze them for potential risks or conflicts. Access Request Management is a component that allows you to request, approve, provision, and monitor access changes for users and roles, and analyze them for potential risks or violations. Reference: https://help.sap.com/viewer/product/SAP_ACCESS_CONTROL/en-US

Question No. 3

What authorization objects do we need to create job steps with external commands in a background job? Note: There are 2 correct answers to this question.

AS_BTCH_EXT

BS_BTCH_ADM

CS_RZL_ADM

DS_LOG_COM

Show Answer

Correct Answer: A, B

These are some of the authorization objects that we need to create job steps with external commands in a background job. A background job is a process that runs in the background without user interaction and performs tasks such as data processing or report generation. A job step is a unit of work within a background job that executes a program or an external command. S_BTCH_EXT is an authorization object that controls the execution of external commands or programs in a job step. S_BTCH_ADM is an authorization object that controls the administration of background jobs, such as creating, changing, or deleting jobs. Reference: https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true

Question No. 4

How can you describe the hierarchical relationships between technical entities in the Cloud Foundry?

AA SaaS tenant acts as one Cloud Foundry Organization.

BA global account can have one or many subaccounts.

CA SaaS tenant acts as one provider account.

DA subscription is a PaaS tenant.

Show Answer

Correct Answer: B

This is one of the ways that you can describe the hierarchical relationships between technical entities in the Cloud Foundry. Cloud Foundry is a platform-as-a-service (PaaS) that enables developers to deploy and run cloud-native applications using various services and frameworks. Cloud Foundry uses different technical entities to organize and manage resources and access rights, such as global accounts, subaccounts, organizations, spaces, applications, and services. A global account is an entity that represents a customer or partner who has subscribed to SAP Cloud Platform services and products. A global account can have one or many subaccounts, which are entities that represent logical subdivisions or business units within a global account. Reference: https://help.sap.com/viewer/65de2977205c403bbc107264b8eccf4b/Cloud/en-US/9e1bf57130ef466e8017eab298b40e5e.html

Question No. 5

Who can revoke a runtime role from a user in the SAP HANA tenant database? Note: There are 2 correct answers to this question.

AThe granting user

BAnyone with 'ROLE ADMIN'

CThe owner of the HDI container

DThe DBACOCKPIT user

Show Answer

Correct Answer: A, B

These are some of the users who can revoke a runtime role from a user in the SAP HANA tenant database. A runtime role is a role that is granted dynamically to a user when they connect to a database using an application or service, such as XSODATA or XSJS. A runtime role can be revoked by the user who granted it, or by anyone who has the ''ROLE ADMIN'' system privilege, which allows them to create, grant, and revoke roles in the database. Reference: https://help.sap.com/viewer/6b94445c94ae495c83a19646e7c3fd56/2.0.05/en-US/fafcbcf9d9101014b3d9a08ce33d9640.html

Free SAP P_SECAUTH_21 Exam Actual Questions

The questions for P_SECAUTH_21 were last updated On Nov 6, 2024