Q32. You want to launch classic SAP GUI transactions directly from the SAP Fiori Launchpad. Which of the following scenarios do you choose?

Q33. Why should you create multiple dispatchers in SAP Identity Management? Note: There are 2 correct answers to this question.

Q34. Based on your company guidelines you have set the password expiration to 60 days. Unfortunately, there is an RFC user on your SAP system which must not have a password change for 180 days. Which option would you recommend to accomplish such a request?

Q35. The SSO authentication using X.509 client certificates is configured. Users complain that they can’t log in to the back-end system. The trace file shows the following error message: “HTTP request [2/5/9] Reject untrusted forwarded certificate”. What is missing in the configuration? Note: There are 2 correct answers to this question.

Q36. You want to create an SAP Fiori app for multiple users and multiple back-end systems. To support this, you create different roles for the different back-end systems in the SAP Fiori front-end system (central hub). What transaction do you have to use to map a back-end system to one of those roles?

Q37. What is the SAP Best Practice to delete a security SAP role in SAP landscape?

Q38. You are reviewing the authorizations for Core Data Services (CDS) views. How are classic authorizations integrated with CDS authorizations?

Q39. Your company is running SAP S/4HANA on premise, with the requirement to run the SAP Fiori Launchpad in the SAP Cloud Platform. What would be the recommended scenario for user authentication for internet browser access to the SAP Fiori Launchpad?

Q40. Which data source needs to be integrated into SAP Identity Management via the Virtual Directory Server (VOS)?

Q41. How can you protect a table containing sensitive data using the authorization object S_TABU_DIS?

Q42. Where can we store the Security Audit Log events? Note: There are 2 correct answers to this question.

Q43. The SAP HANA database is installed with multi database container (MDC) mode with multiple tenant databases configured. What are the required activities to enable access between tenants? Note: There are 2 correct answers to this question.

Q44. You have implemented CUA in your organization and you want to set the field distribution attribute as follows: Maintain a default value in the central system that is automatically distributed to the child systems when you create a user. After distribution, the data is maintained only locally and is no longer distributed if you change it in the central or child system. Which field distribution parameter do you maintain?

Q45. What can you maintain in transaction SU24 to reduce the overall maintenance in PFCG? Note: There are 3 correct answers to this question.

Q46. Which authorization object controls access to the trusting system between the managed system and SAP Solution Manager?

Q47. You verified the password of the TMSADM user in your SAP landscape to be SAP defaulted. You want to reset this password by using program TMS_UPDATE_PWD_OF_TMSADM. What steps would you take to reset this password?
Note: There are 2 correct answers to this question

Q48. A security consultant has activated a trace via ST01 and is analyzing the authorization error with Return Code 12. What does the Return Code 12 signify?

Q49. You are running an SAP HANA database in a multi database container (MDC) mode with a single tenant configured. The global_auditing_state parameter has been set to “true” on the global.ini.After restarting the system and tenant databases, the tenant did not come up. When checking the cause, it was discovered that a tenant configuration parameter has been changed. The audit logging did NOT show any events.What could be the reason for this? Note: There are 2 correct answers to this question.

Q50. You have configured a Gateway SSO authentication using X.509 client certificates. The configuration of the dual trust relationship between client (browser) and SAP Web Dispatcher as well as the configuration of the SAP Web Dispatcher to accept and forward client certificates were done. Users complain that they can’t log in to the back-end system. How can you check the cause?

Q51. What is the User Management Engine (UME) property “connect on pooling” used for? Note: There are 2 correct answers to this question.

Q52. A user has the authorization to execute SP01. What can this user access with authorization object S_ SPO_ ACT when the ‘Value for Authorization Check’ field is set to “_USER.

Q53. You have an HR table for which you want to create a role to provide users the ability to display and change its table content based on the country groupings. Which of the steps would you take to accomplish these requirements? Note: There are 2 correct answers to this question.

Q54. Because of which security threat would you need to make additional configuration settings to run the SAP Fiori Launchpad from within your SAP NetWeaver Portal?

Q55. Insufficient authorization checks might allow A BAP programs to access the PSE files. Which authorization objects should we check to protect the PSEs? Note: There are 2 correct answers to this question.