Most Recent SAP P_SECAUTH_21 Exam Dumps

Prepare for the SAP Certified Technology Professional - System Security Architect exam with our extensive collection of questions and answers. These practice Q&A are updated according to the latest syllabus, providing you with the tools needed to review and test your knowledge.

QA4Exam focus on the latest syllabus and exam objectives, our practice Q&A are designed to help you identify key topics and solidify your understanding. By focusing on the core curriculum, These Questions & Answers helps you cover all the essential topics, ensuring you're well-prepared for every section of the exam. Each question comes with a detailed explanation, offering valuable insights and helping you to learn from your mistakes. Whether you're looking to assess your progress or dive deeper into complex topics, our updated Q&A will provide the support you need to confidently approach the SAP P_SECAUTH_21 exam and achieve success.

The questions for P_SECAUTH_21 were last updated on Apr 30, 2025.

Viewing page 1 out of 16 pages.
Viewing questions 1-5 out of 80 questions

Get All 80 Questions & Answers

Question No. 1

You want to carry out some preparatory work for running the SAP Security Optimization Selfservice on a customer system. Which of the following steps do you have to run on the managed systems? Note: There are 2 correct answers to this question.

AConfigure Secure Network Communications

BConfigure specific authorizations

CInstall the ST-A/PI plug-in

DGrant operating system access

Show Answer

Correct Answer: B, C

These are some of the steps that you have to run on the managed systems to prepare for running the SAP Security Optimization Self-service on a customer system. The SAP Security Optimization Self-service is a service that allows you to perform security checks on your SAP systems using predefined questionnaires and automated analysis tools. The service requires specific authorizations on the managed systems, such as RFC authorizations or Security Audit Log authorizations, which you have to configure using PFCG transaction or RZ10 transaction respectively. The service also requires the ST-A/PI plug-in on the managed systems, which is a plug-in that provides various functions and tools for service delivery, such as data collection or remote analysis. Reference: https://support.sap.com/en/security/security-optimization-services.html https://support.sap.com/en/security/security-optimization-services.html

Question No. 2

What are some characteristics of an SAP HANA multitenant database system (MDC)

running in high isolation mode? Note: There are 2 correct answers to this question.

AAll tenant databases will share the operating system user and group.

BAll tenant-specific permissions to access files and directories are revoked from the
<sid>adm user.

CThe <sid>adm user can access the tenant-specific configuration and trace files.

DAll tenant-specific file and directory permissions are managed by the SAP HANA system

Show Answer

Correct Answer: B, D

These are some of the characteristics of an SAP HANA multitenant database system (MDC) running in high isolation mode. MDC is a feature that allows you to run multiple databases on one SAP HANA system, each with its own users, catalog, repository, data, and services. High isolation mode is a mode that provides enhanced security and isolation for tenant databases by restricting access to files and directories at the operating system level. In high isolation mode, all tenant-specific permissions to access files and directories are revoked from the <sid>adm user, which is the operating system user for SAP HANA administration. All tenant-specific file and directory permissions are managed by the SAP HANA system using internal users and groups. Reference: https://help.sap.com/viewer/6b94445c94ae495c83a1

Question No. 3

You verified the password of the TMSADM user in your SAP landscape to be SAP defaulted.

You want to reset this password by using the program

TMS_UPDATE_PWD_OF_TMSADM.What steps would you take to reset this password? Note:

There are 2 correct answers to this question.

ARun the program in all systems/clients including 000

BRun the program in the Domain Controller (client 000)

CDeactivate the SNC option

DExecute command TP LOCKSYS <SID> pf=<DOMAIN_CONTROLLER_PROFILE>

Show Answer

Correct Answer: B, D

These are some of the steps that you would take to reset the password of the TMSADM user in your SAP landscape by using the program TMS_UPDATE_PWD_OF_TMSADM. The TMSADM user is a special user that is used for Transport Management System (TMS) communication and administration. You would run the program in the Domain Controller (client 000), which is the system that controls the transport domain and configuration. You would also execute the command TP LOCKSYS <SID> pf=<DOMAIN_CONTROLLER_PROFILE>, which locks all systems in the transport domain except the Domain Controller, to prevent any inconsistencies or errors during the password reset process. Reference: https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/48/9e2e3f6f8e41e8a283aaf2ad2c64c4/content.htm?no_cache=true

Question No. 4

You are asked to set up controls to monitor sensitive objects (such as programs, user exits,

and function modules) in a development system before they are transported to the quality

assurance system. Which table would you maintain to monitor such sensitive objects before

running an import?

ATMSBUFFER

BTMSCDES

CTMSTCRI

DTMSMCONF

Show Answer

Correct Answer: C

This is one of the tables that you would maintain to monitor sensitive objects (such as programs, user exits, or function modules) in a development system before they are transported to the quality assurance system. TMSTCRI is a table that contains criteria for import checks of transport requests, which are packages of changes or objects that can be moved between SAP systems or clients. You can define criteria for specific objects or object types in this table, such as program name, object name, or object type. If a transport request contains an object that matches one of the criteria in this table, the import will be stopped and an error message will be displayed. Reference: https://help.sap.com/doc/saphelp_nw73ehp1/7.31.19/en-US/c8/e8d53d35fb11d182b90000e829fbfe/content.htm?no_cache=true

Question No. 5

Which communication protocols are supported by the SAP Cloud Connector? Note: There

are 2 correct answers to this question.

ASNA

BLDAP

CNNTP

DRFC

Show Answer

Correct Answer: B, D

The SAP Cloud Connector supports these communication protocols: LDAP (Lightweight Directory Access Protocol) and RFC (Remote Function Call). LDAP is used to connect to an on-premise directory service, such as Active Directory, and synchronize user data with the cloud identity provider. RFC is used to connect to an on-premise SAP system and enable remote function calls from the cloud applications. Reference: https://help.sap.com/viewer/cca91383641e40ffbe03bdc78f00f681/Cloud/en-US/e6c7616abb5710148cfcf3e75d96d596.html https://help.sap.com/viewer/cca91383641e40ffbe03bdc78f00f681/Cloud/en-US/e6c7616abb5710148cfcf3e75d96d596.html

Unlock All Questions for SAP P_SECAUTH_21 Exam

Full Exam Access, Actual Exam Questions, Validated Answers, Anytime Anywhere, No Download Limits, No Practice Limits

Get All 80 Questions & Answers