{"id":3177,"date":"2018-08-01T06:00:19","date_gmt":"2018-08-01T10:00:19","guid":{"rendered":"https:\/\/www.xiting.us\/?p=3177"},"modified":"2026-02-15T16:42:20","modified_gmt":"2026-02-15T15:42:20","slug":"sap-security-challenge-august-2018","status":"publish","type":"post","link":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/","title":{"rendered":"SAP Security Challenge – August 2018"},"content":{"rendered":"

Welcome to the SAP Security Challenge<\/a> by Xiting. How much do you know about SAP Security? Do you know what you don’t know? To help you identify those areas, Xiting has launched the SAP Security Challenge with a monthly quiz to test your knowledge. Stay tuned and follow our blog to broaden your skillset.<\/p>\n

We will publish a new quiz<\/span><\/span><\/span><\/span> every first of the month, consisting of ten (10) questions. Participants can submit their answers anytime between the first and last day of the month. The winner will be announced on the first day of the following month via newsletter and on our blog. Each participant enters the draw to win a ticket. One correct answer gives you one ticket in the draw (e.g. 8 correct answers gives you 8 tickets). The more you know, the higher the chances to win.<\/p>\n

July Challenge<\/h2>\n

In July’s challenge, we had 198 participants and an overall average of 5.7 correct answers. In total, only 5 participants were able to answer all questions correctly.<\/p>\n

The Champion<\/h3>\n

We are very happy to announce that Chris L.<\/strong> is the lucky winner of the SAP Security challenge of July 2018. Chris answered 9 questions correctly and wins a copy of the SAP System Security Guide<\/a> that was co-written by Alessandro Banzer, Xiting USA. Congratulations Chris.<\/p>\n

Answers from July’s Challenge<\/h3>\n

What is the name of the newest SAP Security book that was co-authored by Xiting’s Alessandro Banzer?<\/strong>
\nXiting’s Alessandro Banzer is a co-author of the SAP Press book SAP System Security Guide that can be pre-ordered here: https:\/\/bit.ly\/2uRIfJo<\/a><\/p>\n

What is the name of the latest training course by SAP Education that talks about authorizations in S\/4HANA?<\/strong>
\nWith ADM945, SAP Education provides a training class that specifically talks about authorizations in S\/4HANA, Fiori, etc. See more on: https:\/\/training.sap.com\/course\/adm945-sap-s4hana–authorization-concept-classroom-018-g-en\/<\/a><\/p>\n

What is the difference between S\/4HANA and Suite on HANA?<\/strong>
\nSAP S\/4HANA is SAP’s next-generation business suite that runs on a HANA database. Suite on HANA is an SAP ECC (or also called SAP ERP) running on a HANA database (instead of Oracle, MaxDB, DB2, etc).<\/p>\n

Where do you find the information on what Fiori applications are available to replace a transaction in the backend?<\/strong>
\nIn the SAP Fiori apps reference library<\/p>\n

If you run FIORI on an embedded environment, whereas you have the front end and back end running on the same instance, do you still have to authorize the gateway services?<\/strong>
\nRegardless if you separate the front end from the back end or not, the end user still needs authorizations to the frontend and backend services. Specifically for the back end the user needs authorizations to the gateway services.<\/p>\n

What is the best-practice approach when building end-user roles for Fiori?<\/strong>
\nSAP’s best-practice is to create a dedicated role for the back end and one for the front end. With that, regardless of your current architecture, you have the ability to move your role design to an architecture that has the front end and back end on a separate system.<\/p>\n

In which table can you find the hash values for your services\/components that are required in the S_START authorization?<\/strong>
\nIn table USOBHASH, you can find the generated hash values to your services\/components.<\/p>\n

What are the least authorizations that a user needs to execute the Fiori launchpad? <\/strong>
\nTo use the Fiori launchpad, the end user requires certain authorizations. These include in the front end transaction \/UI2\/FLP, service \/UI2\/INTEROP and \/UI2\/PAGE_BUILDER_PERS, as well as gateway service ZINTEROP_0001 and ZPAGE_BUILDER_PERS_0001. In the back end function module \/IWBEP\/FM_MGW_HANDLE_REQUEST.<\/p>\n

What’s the purpose of generating the hash values of services?<\/strong>
\nWith generated hash values in table USOBHASH, you can a relationship between the hash value and the service\/component. This is especially important when running an authorization trace (ST01\/STAUTHTRACE) as you can then track back to a service.<\/p>\n

Do all Fiori applications have an associated ODATA service?<\/strong>
\nOnly the UI5 applications do have an ODATA service that must be authorized. Web dynpro and GUI transactions for HTML do not have an ODATA service.<\/p>\n

August Challenge<\/h2>\n

[qsm quiz=10]<\/p>\n

We wish you the best of luck in the challenge.<\/p>\n","protected":false},"excerpt":{"rendered":"

Welcome to the SAP Security Challenge by Xiting. How much do you know about SAP Security? Do you know what you don’t know? To help you identify those areas, Xiting has launched the SAP Security Challenge with a monthly quiz to test your knowledge. Stay tuned and follow our blog to broaden your skillset. We will publish […]<\/p>\n","protected":false},"author":7,"featured_media":9385,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","footnotes":""},"categories":[1835],"tags":[145],"class_list":["post-3177","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-securityquiz"],"acf":[],"yoast_head":"\nSAP Security Challenge – August 2018 - Xiting<\/title>\n<meta name=\"robots\" content=\"noindex, follow\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SAP Security Challenge – August 2018\" \/>\n<meta property=\"og:description\" content=\"Welcome to the SAP Security Challenge by Xiting. How much do you know about SAP Security? Do you know what you don't know? To help you identify\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiting\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/XitingAG\" \/>\n<meta property=\"article:published_time\" content=\"2018-08-01T10:00:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-02-15T15:42:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiting.com\/wp-content\/uploads\/2019\/01\/sap-security-blog-security-challenge.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"964\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Alessandro Banzer\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Alessandro Banzer\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/\"},\"author\":{\"name\":\"Alessandro Banzer\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#\\\/schema\\\/person\\\/9f4b7239bdd4d109e5a45c9432779d5e\"},\"headline\":\"SAP Security Challenge – August 2018\",\"datePublished\":\"2018-08-01T10:00:19+00:00\",\"dateModified\":\"2026-02-15T15:42:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/\"},\"wordCount\":725,\"publisher\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/sap-security-blog-security-challenge.jpg\",\"keywords\":[\"securityquiz\"],\"articleSection\":[\"SAP Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/\",\"url\":\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/\",\"name\":\"SAP Security Challenge – August 2018 - Xiting\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/sap-security-blog-security-challenge.jpg\",\"datePublished\":\"2018-08-01T10:00:19+00:00\",\"dateModified\":\"2026-02-15T15:42:20+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/#primaryimage\",\"url\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/sap-security-blog-security-challenge.jpg\",\"contentUrl\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2019\\\/01\\\/sap-security-blog-security-challenge.jpg\",\"width\":964,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/news\\\/sap-security-challenge-august-2018\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/xiting.com\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"SAP Security Challenge – August 2018\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#website\",\"url\":\"https:\\\/\\\/xiting.com\\\/en\\\/\",\"name\":\"Xiting\",\"description\":\"Your Expert for SAP Security\",\"publisher\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/xiting.com\\\/en\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#organization\",\"name\":\"Xiting\",\"url\":\"https:\\\/\\\/xiting.com\\\/en\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/xiting-logo.svg\",\"contentUrl\":\"https:\\\/\\\/xiting.com\\\/wp-content\\\/uploads\\\/2019\\\/08\\\/xiting-logo.svg\",\"width\":1,\"height\":1,\"caption\":\"Xiting\"},\"image\":{\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/XitingAG\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/1345129\\\/\",\"https:\\\/\\\/www.instagram.com\\\/xiting.global\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/xiting.com\\\/en\\\/#\\\/schema\\\/person\\\/9f4b7239bdd4d109e5a45c9432779d5e\",\"name\":\"Alessandro Banzer\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/bd69cf75d8008518f801684fb686af7daad3e988b323551989d44fb47d82a240?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/bd69cf75d8008518f801684fb686af7daad3e988b323551989d44fb47d82a240?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/bd69cf75d8008518f801684fb686af7daad3e988b323551989d44fb47d82a240?s=96&d=mm&r=g\",\"caption\":\"Alessandro Banzer\"},\"description\":\"Alessandro has worked in the field of IT since 2004, specializing in SAP in 2009 and working on global SAP projects in various roles since that date. Alessandro is an active contributor and moderator in the Governance, Risk, and Compliance space on SAP SCN. Alessandro is in charge of Xiting's operations in the United States and a subject matter expert in SAP Access Control, SAP Cloud IAG, and SAP Security.\",\"url\":\"https:\\\/\\\/xiting.com\\\/en\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"SAP Security Challenge – August 2018 - Xiting","robots":{"index":"noindex","follow":"follow"},"og_locale":"en_US","og_type":"article","og_title":"SAP Security Challenge – August 2018","og_description":"Welcome to the SAP Security Challenge by Xiting. How much do you know about SAP Security? Do you know what you don't know? To help you identify","og_url":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/","og_site_name":"Xiting","article_publisher":"https:\/\/www.facebook.com\/XitingAG","article_published_time":"2018-08-01T10:00:19+00:00","article_modified_time":"2026-02-15T15:42:20+00:00","og_image":[{"width":964,"height":600,"url":"https:\/\/xiting.com\/wp-content\/uploads\/2019\/01\/sap-security-blog-security-challenge.jpg","type":"image\/jpeg"}],"author":"Alessandro Banzer","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Alessandro Banzer","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/#article","isPartOf":{"@id":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/"},"author":{"name":"Alessandro Banzer","@id":"https:\/\/xiting.com\/en\/#\/schema\/person\/9f4b7239bdd4d109e5a45c9432779d5e"},"headline":"SAP Security Challenge – August 2018","datePublished":"2018-08-01T10:00:19+00:00","dateModified":"2026-02-15T15:42:20+00:00","mainEntityOfPage":{"@id":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/"},"wordCount":725,"publisher":{"@id":"https:\/\/xiting.com\/en\/#organization"},"image":{"@id":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/#primaryimage"},"thumbnailUrl":"https:\/\/xiting.com\/wp-content\/uploads\/2019\/01\/sap-security-blog-security-challenge.jpg","keywords":["securityquiz"],"articleSection":["SAP Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/","url":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/","name":"SAP Security Challenge – August 2018 - Xiting","isPartOf":{"@id":"https:\/\/xiting.com\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/#primaryimage"},"image":{"@id":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/#primaryimage"},"thumbnailUrl":"https:\/\/xiting.com\/wp-content\/uploads\/2019\/01\/sap-security-blog-security-challenge.jpg","datePublished":"2018-08-01T10:00:19+00:00","dateModified":"2026-02-15T15:42:20+00:00","breadcrumb":{"@id":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/#primaryimage","url":"https:\/\/xiting.com\/wp-content\/uploads\/2019\/01\/sap-security-blog-security-challenge.jpg","contentUrl":"https:\/\/xiting.com\/wp-content\/uploads\/2019\/01\/sap-security-blog-security-challenge.jpg","width":964,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/xiting.com\/en\/news\/sap-security-challenge-august-2018\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiting.com\/en\/"},{"@type":"ListItem","position":2,"name":"SAP Security Challenge – August 2018"}]},{"@type":"WebSite","@id":"https:\/\/xiting.com\/en\/#website","url":"https:\/\/xiting.com\/en\/","name":"Xiting","description":"Your Expert for SAP Security","publisher":{"@id":"https:\/\/xiting.com\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiting.com\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiting.com\/en\/#organization","name":"Xiting","url":"https:\/\/xiting.com\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiting.com\/en\/#\/schema\/logo\/image\/","url":"https:\/\/xiting.com\/wp-content\/uploads\/2019\/08\/xiting-logo.svg","contentUrl":"https:\/\/xiting.com\/wp-content\/uploads\/2019\/08\/xiting-logo.svg","width":1,"height":1,"caption":"Xiting"},"image":{"@id":"https:\/\/xiting.com\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/XitingAG","https:\/\/www.linkedin.com\/company\/1345129\/","https:\/\/www.instagram.com\/xiting.global\/"]},{"@type":"Person","@id":"https:\/\/xiting.com\/en\/#\/schema\/person\/9f4b7239bdd4d109e5a45c9432779d5e","name":"Alessandro Banzer","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/bd69cf75d8008518f801684fb686af7daad3e988b323551989d44fb47d82a240?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/bd69cf75d8008518f801684fb686af7daad3e988b323551989d44fb47d82a240?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/bd69cf75d8008518f801684fb686af7daad3e988b323551989d44fb47d82a240?s=96&d=mm&r=g","caption":"Alessandro Banzer"},"description":"Alessandro has worked in the field of IT since 2004, specializing in SAP in 2009 and working on global SAP projects in various roles since that date. Alessandro is an active contributor and moderator in the Governance, Risk, and Compliance space on SAP SCN. Alessandro is in charge of Xiting's operations in the United States and a subject matter expert in SAP Access Control, SAP Cloud IAG, and SAP Security.","url":"https:\/\/xiting.com\/en\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/posts\/3177","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/comments?post=3177"}],"version-history":[{"count":2,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/posts\/3177\/revisions"}],"predecessor-version":[{"id":46927,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/posts\/3177\/revisions\/46927"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/media\/9385"}],"wp:attachment":[{"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/media?parent=3177"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/categories?post=3177"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiting.com\/en\/wp-json\/wp\/v2\/tags?post=3177"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}