KnowCardSAP S/4HANA Administration
Access Protection, Data Security & Auditing
34 flashcards · answers and review in the app
Why lock a client (e.g. for an upgrade) rather than locking all users with SU10?
What is system hardening?
How is the message server (a single point of failure) protected from rogue connections?
What does auth/rfc_authority_check control, and what should production use?
How do gw/acl_mode and gw/acl_file restrict gateway access, and what if the file is bad?
What does the ICM security log (icm/security_log) record?
Why is plain HTTP unacceptable, and what should you do with it?
What's the default state of ICF services after installation, and why keep unused ones off?
When does SAP release security fixes, and what are they called?
How do you prohibit specific passwords, and how do the wildcards work?
Where are table changes logged, and how do you read them?
Which parameter enables the security audit log, and what do the related parameters configure?
Which security parameters harden session management for SAP GUI for HTML?
Where can the security audit log be stored, and what's the advantage of the database option?
What do login/password_max_idle_productive, login/password_max_idle_initial, and login/password_change_waittime control?
What does login/disable_password_logon enforce when set?
Since SAP* is hardcoded with a fallback, how do you properly neutralize it?
What are SAP_ALL, S_A.SYSTEM, and S_A.DEVELOP, and who should never get them?
How does SAP scan documents for viruses before upload?
What are the SAP system's four auditing tools?
Which audit transactions are obsolete, and what replaced them?
What's the difference between a static and a dynamic security audit configuration?
How is the file-based security audit log protected from tampering, and what must you never do?
What does read access logging (RAL) do, and why does it matter for GDPR?
How is SUIM especially useful for auditing critical authorizations?
What do audit reports RSUSR003, RSUSR006, and RSUSR007 each check?
Why is the gateway process a security risk?
How do you lock critical transactions in production, and what's the client-000 effect?
How do you restrict access to the ICM, and what happens if the ACL file is inconsistent?
Why are standard users (SAP*, DDIC, SAPCPIC, TMSADM, EARLYWATCH) a risk, and which report checks them?
What does the security audit log record, and how long do its files last?
For auditing via table logging, what two things are required, and where should it be limited?
What do gw/sec_info and gw/reg_info limit, and where should they live?
When a user has a security policy (SECPOL), what replaces the profile parameters — and what's the catch with unset values?