1) Explain what is SAP security?
SAP security is providing correct access to business users with respect to their authority or responsibility and giving permission according to their roles.
2) Explain what is “roles” in SAP security?
“Roles” is referred to a group of t-codes, which is assigned to execute particular business task. Each role in SAP requires particular privileges to execute a function in SAP that is called AUTHORIZATIONS.
3) Using which table transaction code text can be displayed?
Table TSTCT can be used to display transaction code text.
4) Mention what are the pre-requisites that should be taken before assigning Sap_all to a user even there is an approval from authorization controllers?
Pre-requisites follows like
- Enabling the audit log- using sm 19 tcode
- Retrieving the audit log- using sm 20 tcode
5) Mention what SAP table can be helpful in determining the single role that is assigned to a given composite role?
Table AGR_AGRS will be helpful in determining the single role that is assigned to a given composite role.
6) Explain how you can delete multiple roles from QA, DEV and Production System?
To delete multiple roles from QA, DEV and Production System, you have to follow below steps
- Place the roles to be deleted in a transport (in dev)
- Delete the roles
- Push the transport through to QA and production
This will delete all the all roles
7) Mention which table is used to store illegal passwords?
To store illegal passwords, table USR40 is used, it is used to store pattern of words which cannot be used as a password.
- USOBT_C: This table consists the authorization proposal data which contains the authorization data which are relevant for a transaction
- USOBX_C: It tells which authorization check are to be executed within a transaction and which must not
9) Mention what is the maximum number of profiles in a role and maximum number of object in a role?
Maximum number of profiles in a role is 312, and maximum number of object in a role is 150.
10) What is the t-code used for locking the transaction from execution?
For locking the transaction from execution t-code SM01, is used.