SAP Security Challenge – April 2018

Welcome to the SAP Security Challenge by Xiting. How much do you know about SAP Security? Do you know what you don’t know? To help you identify those areas, Xiting has launched the SAP Security Challenge with a monthly quiz to test your knowledge. Stay tuned and follow our blog to broaden your skillset.

We will publish a new quiz every first of the month, consisting of ten (10) questions. Participants can submit their answers anytime between the first and last day of the month. The winner will be announced on the first day of the following month via newsletter and on our blog. Each participant enters the draw to win a ticket. One correct answer gives you one ticket in the draw (e.g. 8 correct answers gives you 8 tickets). The more you know, the higher the chances to win.

March Challenge

In March’s challenge, we had 164 participants and an overall average of 7.2 correct answers. In total, 14 participants were able to answer all questions correctly.

The Champion

We are very happy to announce that Todd A. is the lucky winner of the SAP Security challenge of March 2018. Todd answered 8 questions correctly and wins the $50 gift card from Amazon.

Answers from March’s Challenge

You have upgraded your SAP system to a higher release and would like to adjust your authorizations. Which transaction do you work with in this case?
Using SU25 (except step 1), you can compare the new authorization objects provided by SAP, modified check indicators or default values with your values in SU24.

Which object ensures that the user can copy and paste within the SAP system?
The object S_GUI with the ACTVT 02 authorizes to copy data to the clipboard for the following cases: List – Save – Local file. Format “To Clipboard” , and ALV Grid Control (Ctrl + C).

You want to know a users’ favorites. How do you proceed?
Favorites of all users in are stored in the table SMEN_BUFFC.

In which table can you adjust the parameter settings of Session Manager values?
In the SSM_CUST table, you can adjust the parameter settings of values for the session manager. For example DELETE_DOUBLE_TCODES.

Which authorization object controls the batch input authorizations?
S_BDC_MONI controls the batch input authorizations.

With which main switch can you activate the check of structural authorizations in transaction OOAC?
With the value 1 at the ORGPD main switch, you can activate the structural authorization check.

Which background job can you schedule for user comparison?
You can schedule the user comparison with the background job PFCG_TIME_DEPENDENCY or the report RHAUTUPD_NEW.

Select the true statements that apply to enabler role (or also called value role) concepts?
Enabler roles concepts break SAP standard, increase the complexity of the security design as well as the upgradability of your roles to new releases. Also, performing SOD analysis and running role testings become significantly tougher as you always have to consider two roles, the functional role, and its enabler. Read more about why not to use enabler roles in the following blog:

With S/4HANA, SAP delivers a simplification list that tells you which transactions become obsolete, are being replaced, etc. How many pages long is the simplification list for the latest S/4HANA release 1709?
SAP S/4HANA introduces a completely new data model. As a result, you will have to update your existing security model, including roles and authorizations. Analyzing and updating your old roles is a time-consuming process that could consume valuable project resources. SAP has documented many but not all required changes to your roles in its Simplification List. With the latest release 1709, SAP documents its simplifications on over 900 pages. Learn how Xiting can help you to apply those simplifications to all your roles.

With NetWeaver 7.50, what’s the limit of profiles a user can have assigned?
With NetWeaver 7.50, the model of how the system saves the profile assignments has changed. As of 7.50, there is no limitation of profiles a user can have assigned. In previous releases, the limit was at 312 profiles. With 7.50, the system saves the profile assignments in the central change documents (CDHDR / CDPOS).

April Challenge

[qsm quiz=6]

We wish you the best of luck in Aprils challenge.


Get in touch with us!

Do you have questions about our products?

+41 43 422 8803
[email protected]
+49 7656 8999 002
[email protected]
+1 855 594 84 64
[email protected]
+44 1454 838 785
[email protected]

Attend our live webinars and learn more from our experts about SAP authorizations, XAMS, SAP IDM and many other topics in the context of SAP security.

Register now