Security interview questions - some fun to tickle your brain.

Hello gurus,

I know that posting interview question series is not allowed if the person has not put in any effort, but I have, and folks seem to want to practice a bit sometimes, so I take the liberty of creating a central one.

Tackle one or all of them to test your knowledge.

There are no model answers.

If you want to suggest additional ones, then please contact me.

The rules

Flaming of answers is allowed.

Funny answers earn a beer (or cup of tea).

There are no points.

1) When PFCG proposes 3 activities but you only want 2, how do you fix this?

2) What is the use of transaction PFUD at midnight?

3) Is PFUD needed when saving in SU01 and does the user need to log off and on again after changes?

4) How are web services represented in authorizations of users who are not logged on?

5) How do you force a user to change their password and on which grounds would you do so?

6) What is the difference between SU24 and SU22? What is "original data" in SU22 context?

7) When an authorization check on S_BTCH_JOB fails, what happens?

8) Can you have more than one set of org-level values in one role?

9) Should RFC users have SAP_NEW and why?

10) What is an X-glueb command and where do you use it in SAP security?

11) What is the disadvantage of searching for AUTHORITY-CHECK statements in ABAP OO coding and how does SU53 deal with this?

12) In which tables can you make customizing settings for the security administration and name one example of such a setting which is useful but not SAP default?

13) Can you use the information in SM20N to build roles and how?

14) If the system raises a message that authorizations are missing but you have SAP_ALL, what do you do?

15) Name any one security related SAP note and explain its purpose or solution.

16) What are the two primary differences between a SAML token profile and a SAP logon ticket?

17) Where do you configure the local and global settings of the CUA and what are the consequences of inconsistent settings?

18) If you have users in different systems with different user IDs for the same person, what are your options to manage their authorizations centrally?

19) Explain the use of the TMSSUP* RFC destinations and the importance of the domain controller?

20) Why should you delete SAP_NEW profile and which transaction should you use before doing so?

To be continued...

  • SAP Moderator