SAP LT Replication Server

Security

37 flashcards · answers and review in the app — launching soon

Access restriction in the ABAP source moved from one table to another across support packs. Which table is legacy, which is current, and what's the precedence rule after upgrade?
For an S/4HANA 2020+ source, besides SAP_IUUC_REPL_REMOTE, which role and which two authorization objects drive fine-grained CDS-view/table restriction?
When configuring the RFC connection from SLT to an ABAP source in SM59, which connection type and user type are correct, and what's the gotcha if the two systems share a host?
When SLT manages the HANA target connection versus an external (unmanaged) one, who owns defining the target security, and what's the practical consequence?
The SAP_IUUC_REPL_ADMIN role lets a user create and change SLT configurations, but the admin complains they cannot see the actual data being replicated from source to target. What are they missing?
A user needs to view/edit migration objects in the Migration Object Modeler for an SLT scenario. Which authorization object governs this, and why isn't it S_DMIS?
You want to restrict an SLT user to only certain configurations (not all of them) within the SLT system. Which authorization object and field make this possible?
In the SLT authorization concept, S_DMIS_SLT is described as needing a manual step that the other SLT authorization objects don't. What is it, and what breaks if skipped?
Which authorization object controls whether a user can read from the sender (source) system and write to the receiver (target) system in SLT, and which single field carries the activities?
When adding a non-ABAP (non-SAP) source system, which specific activities must be enabled on S_DMC_S_R, and what goes wrong if you leave the default set?
Which SLT authorization object exists only for on-premise SAP S/4HANA 2020+ source systems, and what is it checked for?
In authorization object S_DHCDCACT, its field DHCDCACTVT takes short codes. Which code lets a user actually transfer data, versus merely monitor the CDC engine?
Which authorization object is checked when 'basis activities' are called in the ABAP source system for SLT, and what is its field?
In S_DHBASACT (ABAP Agent), which DHBASACTVT value lets a user change the activity-log retention period, as opposed to just reading or deleting log entries?
Three CDC-related authorization objects (S_DHCDCCDS, S_DHCDCTAB, S_DHCDCSTP) sound alike. Which one is checked specifically when a CDS view in the source is accessed?
In the CDC authorization objects, what does the field DHCDCSBTYP restrict, and what value must it hold for an SLT scenario?
When customizing SAP_DH_CDC_REMOTE for an S/4HANA 2020+ source, field DHCDCCDSRS should be set to C1. When is NO the correct value instead?
Which authorization object determines whether a given data-transfer scenario (subscriber type) is even enabled for the source system, independent of any specific table or CDS view?
Which authorization object governs access levels for SLT change-log activities, and what is its single field?
In S_DMISIUCA, which IUUCACTVT value lets a user delete the expired change log, versus merely access it?
The SAP_IUUC_REPL_ADMIN role bundles exactly which three authorization objects, and why does knowing the set matter?
How does SAP_IUUC_REPL_DISPLAY differ from SAP_IUUC_REPL_ADMIN at the authorization-field level, not just by name?
You upgrade SLT to SP 15 from a release prior to SP 13. Besides the binaries, what role-related check is critical to avoid access problems?
For an ABAP source system, which role must be generated, and what specific field/value on S_DMIS makes it work as a source-side remote role?
For an S/4HANA 2020+ source, the SAP_IUUC_REPL_REMOTE / SAP_DH_CDC_REMOTE role is a 'template role' — what does that imply you must do before assigning it?
Why is using the DDIC user for SLT replication (RFC or role assignment) explicitly warned against?
For an ABAP-based SAP target system (not HANA), which role must the SLT connection user carry, and how does that compare to the source-side requirement?
When SLT manages the HANA connection and must auto-create the target schema, which system privileges must the HANA initial user hold?
The HANA initial user's setup privileges are described as revocable after configuration. Which are safe to revoke once setup is done, and why does that matter?
Which HANA schema and SQL privileges must a *second* database user get to access an existing SLT configuration, beyond the system privileges?
Among the auto-generated HANA replication-schema roles, which one should be assigned only in urgent/rare cases, and what's the risk?
A user needs to grant SELECT on a replicated HANA table to a colleague, but the standard _SELECT_USER role can't do it. Which role or mechanism is required?
Managing access to already-replicated HANA tables goes through two stored procedures. Which role gives access to them, and what are they?
In the SLT-managed HANA scenario, calls to RS_GRANT_ACCESS/RS_REVOKE_ACCESS write audit rows. Which table, and why is that operationally important?
By default, how much of the ABAP source system can SLT read, and which table changes that?
In table DMC_C_WL_TABL_OP you flag LOAD_DATA for a table but replication/load still fails on metadata. What flag did you forget?
What does a FREEZE_TRIGGER (via DMC_C_WL_TABL_OP) do to a source table, and how does its behavior differ from a normal logging trigger?