SAP Security Multiple choice Questions
1. Which of the following SAP tables can help in determining the single roles which are assigned to a given composite role?
AGR_DEFINE
AGR_1016
AGR_AGRS
AGR_1252
2. A new single role is created and only one custom transaction code Z123 is added to the role menu. How many authorization objects should be available in the authorization data when a user goes to generate the role?
At least two authorization objects
No authorization object since this is a custom transaction code
At least one authorization object
None of the above
3. Which of the following actions are not present in user action field for authorization object S_PROGRAM?
CREATE
DISPLAY
both (a) and (b)
none of these
4. What reports/programs can be used to regenerate SAP_ALL profile?
RSUSR406
PFCG_TIME_DEPENDENCY
AGR_REGENERATE_SAP_ALL
RSUSR004
5. Old Security audit logs can be deleted using tcode:
SM20
SM22
SM19
SM18
6. Transaction code text can be displayed using table:
TSTCT
TACTZ
TBRG
TPGP
7. Default password for SAP standard user SAP* is:
06071995
06071992
06081992
None of these
8. RFC ABAP Type 3 is created between two systems using transaction code SM59. During RFC call, what authorization object will be checked in the source system?
S_RFC
S_RFCACL
S_ICF
None of These
9. Which of the following is false?
Programs are cross-client data
A table may be client specific
Tcode RZ11 is used to maintain the profile parameters
None of the above
10. As per the options given below, please select the one which is checked second when a user executes a transaction code?
Check to see if the tcode exists in the SAP system or not
Check to see if the tcode is locked or not
Check in the user buffer to see if the user has necessary authorization objects with necessary field values as per the “Authority-Check” statements
Check in the user buffer to see if the authorization object S_TCODE contains the executed transaction code
11. The user buffer can be displayed using transaction code:
AL11
SU56
AL08
SU53
12. A role contains several profiles. Which of the following tables can fetch that list?
agr_prof
agr_1016
agr_1250
agr_define
13. The AS ABAP categorizes users into several types for different purposes. Which of the following are NOT valid user types in AS ABAP?
Service
Reference
Guest
System
14. Security roles on the AS Java can be defined either globally or locally. Which of the following are globally defined security roles in AS Java?
Guest
All
System
KeystoreViewCreator
15. The AS ABAP communicates with its communication partners using various protocols. Each of these protocols uses a specific security mechanism. Which of the following protocols are matched up correctly with the security mechanism?
DIAG--SSL
RFC--SSLS
HUP--SNCS
LDAP - SSL
16. With reference to the LDAP directory, and the UME, which of the following are true?
The LDAP directory can either be connected as a read-only data source or as a writeable data source
The UME can support Users as a tree or a Flat hierarchy
The Distinguished Names (DNs) of user and group objects must not be longer than 240 characters.
If you are using an LDAP directory with a deep hierarchy, you can assign users or groups as members of another group using the UME user administration tools.
17. You have a mixed system landscape including both SAP and non-SAP systems, or you have an existing corporate LDAP directory in your system landscape. User management data is stored in a combination of an LDAP server and a database. Which of the following data is written to and read from the LDAP server?
Additional data (for example, information about when a user was last changed)
Other principal types (for example, roles)
Groups (displayname, description, uniquename, and the group members)
User accounts (logonid, password, ID of the assigned user)
18. The User Management Engine (UME) allows you to define a security policy. With reference to this, which of the following statements are true?
The number of failed logon attempts after which a user is locked, is defined in the security policy.
The UME security policy is independent of the security policy of the UME data source
You can define a security policy for the UME that is the same or stronger than the corresponding security policy in the backend system.
None of these
19. What are the best practices for establishing trust for server-side authentication?
Generate the key pair on the server component.
Use a public-key certificate that is signed and issued by a CA
Make sure the client components trust the issuing CA.
All of the above