SAP Security Interview Series

SAP SECURITY Interview Series – Part 1

Check out this series of commonly asked SAP Security interview questions and answers to prepare for your interviews. This is Part 1 of a 10-part series.

1. What Are the Different Layers of Security Available in SAP?

There are multiple layers of security in SAP, which include:

  • Authorization – Users can perform only the functions and tasks for which they have permission.
  • Authentication – Only users who have access can get into the system and its applications.
  • Privacy – Protection of data and applications from any kind of unauthorized access.
  • Integrity – Ensuring that the data is completely accurate and consistent.
  • Obligation – Ensuring that legal obligations and rules are followed by stakeholders and shareholders.

2. Explain the Concept Behind the PFCG Tcode.

PFCG Tcode stands for Profile Generator.

This Tcode is mainly used to work with the roles of users.

It can be used for the following:

  • When a role is created or modified, the user's profile is generated here.
  • Roles can be created and maintained here; PFCG also supports mass role assignment.
  • Specific accesses and authorizations are granted using PFCG.
  • The menu structure of the role is also defined here.
  • Composite roles can also be created using PFCG.

3. What Common Security Measures Can Be Taken to Protect the SAP Environment From Unauthorized Access?

Ans: To protect the SAP environment, several SAP security practices can be applied:

  • MFA – Multifactor Authentication – An additional layer that requires verification before access is granted.
  • Using SSL (Secure Socket Layer) and SNC (Secure Network Communication) to encrypt the data being transmitted.
  • Firefighter roles to give users temporary, controlled access to certain functionalities.
  • Complete monitoring and analysis of the system to provide real-time response to security events.
  • Timely patch management and authorization.
  • Role-based access control checks for the system.

4. What is the General Password Policy in SAP Security?

Ans: General password rules include:

  • A password should be at least 8 characters long.
  • There must be an expiration period for the password.
  • After a certain number of consecutive failed login attempts, the user account is locked.
  • A self-service portal for changing the current password.
  • A number of previous passwords cannot be reused.
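
As an added example (not part of the original series), the script below checks a profile file against the password rules listed above. It assumes the standard SAP profile parameters `login/min_password_lng`, `login/password_expiration_time`, `login/fails_to_user_lock` and `login/password_history_size`, which the page does not name; every threshold except the 8-character minimum is an assumed value, and the sample profile is constructed.

```python
# Added example: audit SAP profile parameters against the password rules above.
# Thresholds other than the 8-character minimum are assumptions for illustration.
import re

# (profile parameter, what we want, predicate on the integer value)
RULES = [
    ("login/min_password_lng", "length >= 8", lambda v: v >= 8),
    ("login/password_expiration_time", "1..90 days (0 = never expires)",
     lambda v: 1 <= v <= 90),
    ("login/fails_to_user_lock", "lock after <= 5 failed logons",
     lambda v: 1 <= v <= 5),
    ("login/password_history_size", "remember >= 5 old passwords",
     lambda v: v >= 5),
]

LINE = re.compile(r"^\s*([A-Za-z0-9_/]+)\s*=\s*(\S+)")

def parse_profile(text):
    """Return {parameter: value} from 'name = value' lines; '#' starts a comment."""
    params = {}
    for raw in text.splitlines():
        m = LINE.match(raw.split("#", 1)[0])
        if m:
            params[m.group(1)] = m.group(2)  # a later line overrides an earlier one
    return params

def audit(text):
    """Return [(parameter, status, detail)]; status is OK, WEAK or UNSET."""
    params = parse_profile(text)
    findings = []
    for name, want, ok in RULES:
        value = params.get(name)
        if value is None:
            # Not set in this profile: the kernel default applies, check it in the system.
            findings.append((name, "UNSET", "not in profile, kernel default applies"))
        elif not value.isdigit():
            findings.append((name, "WEAK", f"non-numeric value {value!r}"))
        else:
            status = "OK" if ok(int(value)) else "WEAK"
            findings.append((name, status, f"{value}, want {want}"))
    return findings

# Constructed sample profile, not taken from a real system.
SAMPLE_PROFILE = """\
# password settings
login/min_password_lng = 6
login/password_expiration_time = 0   # never expires
login/fails_to_user_lock = 5
"""

if __name__ == "__main__":
    for name, status, detail in audit(SAMPLE_PROFILE):
        print(f"{status:5} {name} ({detail})")
```

The self-service password change rule has no corresponding profile parameter in this sketch, so it is not checked.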

5. What are the Different Types of Users in SAP Security?

Ans: There are multiple user types available in SAP Security, and each is designed to meet specific needs and conditions:

  • Type A – Dialog User: This user can log in to SAP GUI, follows the password policies, and has authorizations assigned to their ID based on job role. They have an interactive session with SAP.
  • Type B – System User: These users are used for background processing and system-to-system communication. Their passwords do not expire, but at the same time they cannot log in to the system interactively.
  • Type C – Communication User: These users are used for Remote Function Calls to communicate with external systems.
  • Type S – Service User: This is a kind of temporary access where multiple individuals can be logged in at the same time.
  • Type L – Reference User: Used when additional authorizations are provided to users without letting the reference user log in by itself.
  • Type P – CPIC User: Used for Common Programming Interface Communications between systems, such as system-to-system communication with a CPIC flow.

Hope you like the SAP SECURITY Interview Series Part 1.
