1. Differentiate between:
a.) USOBX_C and USOBT_C
b.) Derived role and Composite role
c.) SAML token profile and a SAP logon ticket
d.) Temp role and Copy role
2. Situation -
a.) You want to create and maintain user master record. What authorization
would you need?
b.) PFCG proposed activities but you need only two. What would you do?
c.) Authorization check on S_BTCH_JOB failed. What would happen now?
3. What are following T-codes used for?
j.) SU 24
4. a.) Explain X-glueb and its use in SAP security.
b.) Which tables will you use for making customizing setting for security
a.) The system raised a message that authorizations are missing but you have
SAP-ALL. What would you do?
b.) You want to force a user to change their password. How would you do it?
a.)You want to configure the local and global setting of CUA. Where would you
do that? What would happen if you have inconsistent settings?
b.) A person has different user IDs in different systems and you want to manage
their authorizations centrally. Is it possible? How would you do it?
7. You want to remove a developer's and developer keys from a system. How would
you do that?
8. What appears as the last sentence in SAP Note 587410? What does it men and
how would you restrict it?
9. When would you update a SAP table directly? What precautions would you taje?
10. How would you do the following?
a.) Lock all users at once.
b.) A user logge into production system, changes a table and logged out. How
would you track him?
11. List the various user types.
12. You wan to transport user groups from transaction SUGR? Would this impact
the groups tab in SU01? What would you do?
13. Why is it important to delete SAP-NEW profile? What steps will you take to
14. What is the use of TMSSUP* RFC destinations?
15. Is it possible to have more than one st of org-level values in one role?
Explain your answer.