Top 100+ Sap Security Interview Questions And Answers
Question 1. Explain What Is Sap Security?
Answer :
SAP security is presenting correct get entry to to enterprise customers with admire to their authority or obligation and giving permission according to their roles.
Question 2. Explain What Is “roles” In Sap Security?
Answer :
“Roles” is referred to a set of t-codes, which is assigned to execute unique business challenge. Each position in SAP requires unique privileges to execute a feature in SAP this is known as AUTHORIZATIONS.
SAP BI Interview Questions
Question three. Explain How You Can Lock All The Users At A Time In Sap?
Answer :
By executing EWZ5 t-code in SAP, all of the person can be locked on the same time in SAP.
Question 4. Mention What Are The Pre-requirements That Should Be Taken Before Assigning Sap_all To A User Even There Is An Approval From Authorization Controllers?
Answer :
Pre-standards follows like
Enabling the audit log- the use of sm 19 tcode
Retrieving the audit log- using sm 20 tcode
SAP BI Tutorial
Question 5. Explain What Is Authorization Object And Authorization Object Class?
Answer :
Authorization Object: Authorization gadgets are corporations of authorization field that regulates unique activity. Authorization pertains to a specific motion even as Authorization field relates for safety directors to configure particular values in that specific action.
Authorization item elegance: Authorization item falls underneath authorization item classes, and they may be grouped by way of function location like HR, finance, accounting, and many others.
SAP HR Interview Questions
Question 6. Explain How You Can Delete Multiple Roles From Qa, Dev And Production System?
Answer :
To delete a couple of roles from QA, DEV and Production System, you need to comply with underneath steps:
Place the jobs to be deleted in a shipping (in dev)
Delete the jobs
Push the delivery through to QA and manufacturing
This will delete all the all roles
Question 7. Explain What Things You Have To Take Care Before Executing Run System Trace?
Answer :
If you're tracing batch user ID or CPIC, then before executing the Run System Trace, you need to ensure that the identification must have been assigned to SAP_ALL and SAP_NEW. It allows the user to execute the task with none authorization test failure.
SAP HR Tutorial SAP BO Interview Questions
Question 8. Mention What Is The Difference Between Usobt_c And Usobx_c?
Answer :
USOBT_C: This desk is composed the authorization idea facts which includes the authorization facts which can be relevant for a transaction
USOBX_C: It tells which authorization test are to be done inside a transaction and which ought to not
Question 9. Mention What Is The Maximum Number Of Profiles In A Role And Maximum Number Of Object In A Role?
Answer :
Maximum wide variety of profiles in a role is 312, and maximum range of object in a function is one hundred fifty.
SAP BASIS Interview Questions
Question 10. What Is The T-code Used For Locking The Transaction From Execution?
Answer :
For locking the transaction from execution t-code SM01, is used.
SAP BO Tutorial
Question 11. Mention What Is The Main Difference Between The Derived Role And A Single Role?
Answer :
For the unmarried role, we will add or delete the t-codes even as for a derived role you can not try this.
SAP ABAP Interview Questions
Question 12. Explain What Is Sod In Sap Security?
Answer :
SOD approach Segregation of Duties; it's far implemented in SAP a good way to stumble on and prevent error or fraud for the duration of the commercial enterprise transaction. For example, if a user or worker has the privilege to get admission to bank account element and price run, it is probably feasible that it can divert supplier payments to his own account.
SAP BI Interview Questions
Question 13. Mention Which T-codes Are Used To See The Summary Of The Authorization Object And Profile Details?
Answer :
SU03: It offers an overview of an authorization object
SU02: It gives a top level view of the profile information
SAP BASIS Tutorial
Question 14. Explain What Is User Buffer?
Answer :
A person buffer includes all authorizations of a user. User buffer may be carried out by means of t-code SU56 and person has its personal user buffer. When the person does not have the essential authorization or contains too many entries in his user buffer, authorization test fails.
Question 15. By Which Parameter Number Of Entries Are Controlled In The User Buffer?
Answer :
In person buffer wide variety of entries are managed by means of the profile parameter “Auth/auth_number_in_userbuffer”.
ERP Tools Interview Questions
Question 16. How Many Transactions Codes Can Be Assigned To A Role?
Answer :
To a role maximum of 14000 transaction codes can be assigned.
SAP ABAP Tutorial
Question 17. Mention Which Table Is Used To Store Illegal Passwords?
Answer :
To keep unlawful passwords, desk USR40 is used, it is used to save pattern of phrases which can't be used as a password.
SAP BW Interview Questions
Question 18. Explain What Is Pfcg_time_dependency?
Answer :
PFCG_TIME_DEPENDENCY is a document that is used for consumer grasp contrast. It also clears up the expired profiles from user grasp file. To without delay execute this report PFUD transaction code also can be used.
SAP HR Interview Questions
Question 19. Explain What Does User Compare Do In Sap Security?
Answer :
In SAP security, USER COMPARE option will evaluate the consumer master file so that the produced authorization profile can be entered into the consumer grasp file.
ERP Tools Tutorial
Question 20. Mention Different Tabs Available In Pfcg?
Answer :
Description: The tab is used to explain the modifications made like information associated with the function, addition or elimination of t-codes, the authorization object, etc.
Menu: It is used for designing consumer menus like addition of t-codes
Authorization: Used for maintaining authorization facts and authorization profile
User: It is used for adjusting person master statistics and for assigning customers to the function.
SAP PI Interview Questions
Question 21. Which T-code Can Be Used To Delete Old Security Audit Logs?
Answer :
SM-18 t-code is used to delete the old security audit logs.
Question 22. Explain What Reports Or Programs Can Be Used To Regenerate Sap_all Profile?
Answer :
To regenerate SAP_ALL profile, document AGR_REGENERATE_SAP_ALL may be used.
SAP BW Tutorial
Question 23. Using Which Table Transaction Code Text Can Be Displayed?
Answer :
Table TSTCT can be used to show transaction code text.
SAP HANA Interview Questions
Question 24. Which Transaction Code Is Used To Display The User Buffer?
Answer :
User buffer may be displayed through using transaction code AL08.
SAP BO Interview Questions
Question 25. Mention What Sap Table Can Be Helpful In Determining The Single Role That Is Assigned To A Given Composite Role?
Answer :
Table AGR_AGRS will be helpful in figuring out the unmarried position that is assigned to a given composite function.
SAP PI Tutorial
Question 26. What Is The Parameter In Security Audit Log (sm19) That Decides The Number Of Filters?
Answer :
Parameter rsau/no_of_filters are used to decide the range of filters.
SAP for Retail with SAP ERP 6.0 Interview Questions
Question 27. Please Explain The Personalization Tab Within A Role?
Answer :
Personalization is a manner to shop statistics that would be not unusual to users, I supposed to a user role… E.G. You could create SAP queries and manipulate authorizations through user companies. Now this data may be saved within the personalization tab of the role. (I meant that it's far a way for SAP to deal with his ambiguity of its idea of person organization and roles: is “usergroup” a grouping of human beings sharing the identical get right of entry to or is it the position who's the grouping of human beings sharing the same get admission to).
SAP BASIS Interview Questions
Question 28. Is There A Table For Authorizations Where I Can Quickly See The Values Entered In A Group Of Fields?
Answer :
In particular I am trying to find the sector values for P_ORGIN across a number of authorization profiles, without having to drill down on each profile and authorization. AGR_1251 will provide you with some affordable data.[sociallocker]
SAP HANA Tutorial
Question 29. How Can I Do A Mass Delete Of The Roles Without Deleting The New Roles?
Answer :
here's a SAP delivered report that you may reproduction, cast off the machine kind test and run. To do a landscape with delete, input the jobs to be deleted in a transport, run the delete application or manually delete and then release the delivery and import them into all customers and systems.
It is called: AGR_DELETE_ALL_ACTIVITY_GROUPS. To used it, you want to tweak/debug & replace the code because it has a take a look at that make sure it's far deleting SAP delivered roles best. Once you get beyond that little bit, it really works nicely.
SAP GRC Interview Questions
Question 30. Someone Has Deleted Users In Our System, And I Am Eager To Find Out Who. Is There A Table Where This Is Logged?
Answer :
Debug or use RSUSR100 to locate the info’s.
Run transaction SUIM and down its Change documents.
Question 31. How To Insert Missing Authorization?
Answer :
su53 is the best transaction with which we will locate the lacking authorizations.And we are able to insert those lacking authorization thru p.C..
SAP GRC Tutorial
Question 32. What Is The Difference Between Role And A Profile?
Answer :
Role and profile move hand in hand. Profile is sold in by a position. Role is used as a template, wherein you may add T-codes, reviews..Profile is one which gives the user authorization. When you create a function, a profile is routinely created.
SAP BDC Interview Questions
Question 33. What Profile Versions?
Answer :
Profile versions are nothing however while u modifies a profile parameter via a RZ10 and generates a new profile is created with a different model and it's far stored in the database.
SAP ABAP Interview Questions
Question 34. What Is The Use Of Role Templates?
Answer :
User position templates are predefined interest companies in SAP such as transactions, reviews and net addresses.
Question 35. What Is The Different Between Single Role & Composite Role?
Answer :
A role is a field that collects the transaction and generates the related profile. A composite roles is a field which can collect several special roles.
Question 36. Is It Possible To Change Role Template? How?
Answer :
Yes, we can trade a person position template. There are precisely three methods in which we are able to paintings with consumer role templates
we are able to use it as they're added in sap
we are able to alter them as in keeping with our desires through %
we are able to create them from scratch.
For all the above special we should use p.C. Transaction to maintain them.
ERP Tools Interview Questions
Question 37. Sap Security T-codes?
Answer :
Frequently used protection T-codes
SU01 Create/ Change User SU01 Create/ Change User
PFCG Maintain Roles
SU10 Mass Changes
SU01D Display User
SUIM Reports
ST01 Trace
SU53 Authorization evaluation
Question 38. How To Create Users?
Answer :
Execute transaction SU01 and fill in all of the discipline. When creating a new person, you should enter an preliminary password for that consumer on the Logon statistics tab. All different facts is optionally available. Click here for academic on creating sap consumer identity.
Question 39. What Is The Difference Between Usobx_c And Usobt_c?
Answer :
The table USOBX_C defines which authorization checks are to be performed inside a transaction and which no longer (regardless of authority-check command programmed ). This table additionally determines which authorization tests are maintained in the Profile Generator. The table USOBT_C defines for every transaction and for each authorization object which default values an authorization constructed from the authorization item should have inside the Profile Generator.
Question 40. What Authorization Are Required To Create And Maintain User Master Records?
Answer :
The following authorization objects are required to create and maintain consumer grasp information:
•S_USER_GRP: User Master Maintenance: Assign consumer agencies
•S_USER_PRO: User Master Maintenance: Assign authorization profile
•S_USER_AUT: User Master Maintenance: Create and keep authorizations
SAP BW Interview Questions
Question forty one. What Is A Derived Role?
Answer :
Derived roles talk over with roles that exist already. The derived roles inherit the menu structure and the functions protected (transactions, reports, Web links, and so on) from the position referenced. A position can handiest inherit menus and functions if no transaction codes have been assigned to it before.
•The better-stage position passes on its authorizations to the derived function as default values which may be modified afterwards. Organizational degree definitions are not exceeded on. They have to be created anew inside the inheriting position. User assignments are not handed on either.
•Derived roles are an fashionable way of retaining roles that don't fluctuate in their capability (same menus and identical transactions) but have special characteristics with regard to the organizational stage.
Question 42. What Is A Composite Role?
Answer :
A composite function is a field that could acquire numerous distinctive roles. For motives of clarity, it does no longer make experience and is therefore no longer allowed to feature composite roles to composite roles. Composite roles also are called roles.
•Composite roles do no longer comprise authorization facts. If you need to exchange the authorizations (which might be represented via a composite position), you should preserve the facts for each position of the composite function.
•Creating composite roles makes feel if some of your personnel want authorizations from several roles. Instead of adding every person one after the other to each function required, you could installation a composite position and assign the users to that organization.
•The customers assigned to a composite function are routinely assigned to the corresponding (primary) roles for the duration of evaluation.
SAP PI Interview Questions
