-
Products and Technology
By Category
-
Groups
Activity Groups
Industry Groups
Influence and Feedback Groups
Interest Groups
Location Groups
Customer Only Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
Products
Learning and Support
-
- Products and Technology
- Groups
- Developers
- Partners
- Events
- Help Center
- Topic Pages
-
Explore SAP
- Explore SAP
-
Products
- Products
- SAP Business Suite
- Artificial Intelligence
- Business applications
- Data and analytics
- Technology Platform
- Financial Management
- Spend Management
- Supply Chain Management
- Human Capital Management
- Customer Experience
- SAP Business Network
- View products A-Z
- View industries
- Try SAP
- Partners
- Services
- Learning and Support
- About
- SAP Community
- Groups
- Interest Groups
- Application Development and Automation
- Discussions
- Re: General interview questions in Security R3?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
General interview questions in Security R3?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Jul 24 6:24 PM
- SAP Managed Tags
- Security
Hi Everyone,
I just wanted to know what are the questions(in general)to be expected in R3 Security interview(4.6c)
as i am expecting an interview in couple of days..
Thank you in advance
shabana
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Jul 25 7:19 AM
- SAP Managed Tags
- Security
Questions that i encountered based on R/3 46C:
1. How frequent do you perform transport migration?
2. Understanding of Composite role, Derived Roles, Single Roles
3. Knowledge of SU01, PFCG
4. CUA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎2006 Jul 25 8:13 AM
- SAP Managed Tags
- Security
Hi,
these are a few quick thoughts:
IT-Infrastructure Security, SAP Landscape:
- Network layout and firewalling between systems
- Remote administration, backup, archiving procedures
- Hardening procedures for new systems, new clients, system or client copies
- examples are locking, unlocking, password changes of users, setting system wide password rules, SM59 configuration, SICF configuration
- Use of cryptographic mechanisms (SNC, SSL)
Authorizations:
- Does a documented authorization concept exist?
- Of course: Are there SAP_ALL, SAP_NEW users (or any equivalent sort of SAP_ALL)
- How are authorizations of communication / system users managed?
- What kind of functional roles are used (Task roles, job roles, etc.)?
- What kind of technical roles are used (single, composite, derived)?
- Are check indicators used (SU24)?
- Are there many "manual" authorization objects? (this would indicate that SU24 is not correctly used.)
- Are risky transactions (SU01, PFCG, SM59, SA38, ...) and risky transaction combinations (vendor creation / change and payment processing) known and documented?
- Are procedures in place that control / mitigate the execution of these risks?
- How is user and authorizations management regulated?
Regards,
Christian
Bluesky