Do checkout this commonly asked SAP Security Interview Q/A Series and prepare for your interviews easily. This is Part 9 of 10 Part Series.
SAP SECURITY Interview Series
1. Explain the type of tabs available in PFCG?
Ans: Within PFCG, there are multiple tabs available which are used to configure and manage the roles in SAP Security.
Primary tabs available are:
- Authorization Tab: This tab is used to manage the authorization profiles which mentions which user is assigned with which role.
- Personalization Tab: It includes personalization settings to customize user experience for the users which are assigned to roles.
- User Tab: It assigns users to the role.
- Description Tab : It helps in providing the description to the role names.
- Menu Tab : It helps in defining the user menu for the roles assigned to the user.
2. What do you use to regenerate the SAP_ALL profile?
Ans: In order to regenerate SAP_ALL profile, transaction code SU21 can be used.
In SU21, object authorization class, relevant objects needs to be selected. Once the object is being selected, profile regeneration can happen.
Along with that, PFCG Tcode can also be used to regenerate profiles associated with roles.
3. Explain the concept behind old security audit logs?
Ans: When the administrator has to track security related events within SAP System and ensure the security and integrity of the system, by monitoring, analyzing & ensuring the same, then old security audit logs are being used.
It captured detailed information on these events. SM19 is the tcode which is used to configure the audit logs. Old security audit logs mainly are the historical data sets which are collected over time.
4. What is the difference between authentication and authorization?
Ans: Authentication is when the identity of the user is being verified before granting any kind of access.
On the other hand, authorization is when we determine if a user has right to access specific resources or not. Authentication is the first step and authorization is next step to authentication.
Authentication checks who the user is whereas authorization checks what all the user can access.
5. What is least privilege concept in SAP Security?
Ans: Least privilege is the concept which says in SAP Security, the user should not be given more access than the required one. Only limited permissions should be there.
This is important because it reduces the risk of unauthorized access and helps in complying with various regulatory standards.
Regular auditing access and carefully designing roles,least privilege concept can be implemented.
Hope you like SAP Security Interviews Series PART – 9
SAP SECURITY Interview Check out other parts at SAP Security Interview Series From Part 1 to 10.