Introduction to SAP Security Online Training @ maxonlinetraining.com

1
(No Transcript)
2
SAP Security Online Training
Online Corporate Training certifications
placements support CONTACT US MAXONLINETRAINING
USA 1 9404408084 IND 91 9533837156 Email
info_at_maxonlinetraining.com www.
maxonlinetraining.com
3
SAP Security Online Training

• Introduction
• What is Security
• Building blocks
• Common terminologies used Most Common
• tools in Security
• CUA

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
4
(No Transcript)
5
Enroll Now   https//goo.gl/H4HFKP
6
SAP Security Online Training

• What is Security?
• Security concept is same around the globe
  like in your normal life, security means removing
  or restricting unauthorized access to your
  belongings. For example your Car, laptop or cared
  cards etc
• IT Security?
• Information security (sometimes shortened
  to InfoSec) is the practice defending information
  from unauthorized access, use, disclosure,
  disruption, modification, perusal, inspection,
  recording or destruction. It is a general term
  that can be used regardless of the form the data
  may take (electronic, physical, etc...)
• SAP Security?
• In the same context of InfoSec. SAP
  security have the same meaning or in other words
  - who can do what in SAP?

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
7
Enroll Now   https//goo.gl/H4HFKP
8
SAP Security Online Training

• Building Blocks
• User Master
• Record Roles
• Profiles Authorization
• Objects

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
9
SAP Security Online Training

• User Master Record?
• A User initially has no access in SAP
• When we create access in system it defines UMR
  User Master Record information includes
• Name, Password, Address, User type, Company
  information
• User Group
• Roles and Profiles
• Validity dates (from/to)
• User defaults (logon language, default printer,
  date format, etc)
• User Types Dialog typical for most users
  System cannot be used for dialog login, can
  communicate between systems and start background
  jobs Communications Data cannot be used for
  dialog login, can communicate between systems but
  cannot start background jobs Reference cannot
  log in, used to assign additional Authorizations

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
10
SAP Security Online Training

• Roles and Profiles Roles is group of tcode (s),
  which is used to perform a specific business
  task.
• Each role requires specific privileges to perform
  a function in SAP that is called AUTHORIZATIONS
  There are 3 types of Roles
• Single an independent Role
• Derived has a parent and differs only in
  Organization Levels. Maintain Transactions, Menu,
  Authorizations only at the parent level
• Composite container that contains one or more
  Single or Derived Roles

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
11
(No Transcript)
12

• CONTACT US
• MAXONLINETRAINING
• USA 1 9404408084
• IND 91 9533837156
• Email info_at_maxonlinetraining.com
• www. maxonlinetraining.com
  https//www.linkedin.com/company/maxonlinetraining
  
• http//maxonlinetraining.com/sap-security-online-t
  raining/

13
SAP Security Online Training
For More Videos   https//goo.gl/Als1si

• Authorization Objects
• Authorization Objects are the keys to SAP
  security
• When you attempt actions in SAP the system
  checks to see whether you have the appropriate
  Authorizations
• The same Authorization Objects can be used by
  different Transactions

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
14
SAP Security Online Training
For More Videos   https//goo.gl/Als1si

• User Buffer?
• When a User logs into the system, all of the
  Authorizations that the User has are loaded into
  a special place in memory called the User Buffer
• As the User attempts to perform activities, the
  system checks whether the user has the
  appropriate Authorization Objects in the User
  Buffer.
• You can see the buffer in Transaction .

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
15
SAP Security Online Training

• Executing a Transaction (Authorization Checks)
• Does the Transaction exist? All Transactions have
  an entry in table TSTC
• Is the Transaction locked? Transactions are
  locked using Transaction SM01 Once locked, they
  cannot be used in any client
• Can the User start the Transaction? Every
  Transaction requires that the user have the
  Object S_TCODETransaction Name Some Transactions
  also require another Authorization Object to
  start (varies depending on the Transaction)
• What can the User do in the Transaction? The
  system will check to see if the user has
  additional Authorization Objects as necessary

For More Videos   https//goo.gl/Als1si
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
16
For More Videos   https//goo.gl/Als1si
Enroll Now   https//goo.gl/H4HFKP
17
SAP Security Online Training

• How to trace missing Authorization Frequently you
  find that the role you built has inadequate
  accesses and will fail during testing or during
  production usage. Why?
• Why It happens?
• Negligence of tester or some other reason How
  process initiated?
• This process kicks when security guy receives
• Email or
• phone call or
• ticket

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
18
SAP Security Online Training

• How do we determine correct accesses required?
• SAP has various tools to analyse access errors
  and determine correct Authorizations required
• Use Last Failed Authorization check - SU53 (60
  effective)
• Use Assignment of Auth Object to Transactions -
  SU24 (60 effective)
• Trace the Authorizations for a function - ST01
  (90 effective)

For More Videos   https//goo.gl/Als1si
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
19
SAP Security Online Training
For More Videos   https//goo.gl/Als1si

• Common Terminologies
• User master Records Roles Authorizations
  Authority
• Check user buffer Authorization Errors security
  matrix
• Profiles Authorization Objects User menus

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
20
For More Videos   https//goo.gl/Als1si
Enroll Now   https//goo.gl/H4HFKP
21
SAP Security Online Training

• SAP Password controls There are some Standard SAP
  password Controls delivered by SAP which cannot
  be changed
• First-time users forced to change their passwords
  before they can log onto the SAP system, or after
  their password is reset.
• Users can only change their password when logging
  on.
• Users can change their password at most, once a
  day
• Users can not re-use their previous five
  passwords.
• The first character can not be ? or !.
• The first three characters of the password cannot
  
• appear in the same order as part of the user
  name.
• all be the same.
• include space characters.
• The password cannot be PASS or SAP.

Enroll Now   https//goo.gl/H4HFKP
22
SAP Security Online Training

• Password Controls - cont.
• SAP Password System Parameters - system wide
  settings that can be configured by MPL - Minimum
  Password Length Password locked after
  unsuccessful login attempts Password Expiration
  time Password complexity
• Illegal Passwords MPL can define passwords that
  cannot be used
• Enter impermissible passwords into SAP table
  USR40 MPL Master parts List

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
23
For More Videos   https//goo.gl/Als1si
Enroll Now   https//goo.gl/H4HFKP
24
SAP Security Online Training

• Tools
• SU01 User Maintenance
• PFCG Role Maintenance
• SUIM Authorization Reporting Tree
• SU02 Maintain Profiles
• SU03 Maintain Authorisations
• SU10 User Maintenance Mass Changes
• SU21 Maintain Authorization Objects
• SU24 Auth Object check under transactions
• SU3 Maintain default settings
• SU53 Display Authority Check Values

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
25
SAP Security Online Training

• CUA Central User Administration is a feature in
  SAP that helps to streamline multiple users
  account management on different clients in a
  multi SAP systems environment. This feature is
  laudable when similar user accounts are created
  and managed on multiple clients
• Centralized Admin
• Data consistency accuracy
• Eliminate redundant efforts

Enroll Now   https//goo.gl/H4HFKP
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
26
SAP Security Online Training

• We offer you
• 1. Interactive Learning at Learners
  convenience2. Industry Savvy Trainers3. Learn
  Right from Your Place4. Customized Curriculum5.
  24/7 system access6. Highly Affordable
  Courses7. Support after Training a. Resume
  Preparation b. Certification Guidance c.
  Interview assistance

For More Videos   https//goo.gl/Als1si
USA 1 940 440 8084, IND 91 953 383
7156 Email Id info_at_maxonlinetraining.com
27
The Above Course Content is all Covered
by The Best SAP Security Online Training Program
by real time IT industrial experts Of MaxOnline
Training
28
Any Queries on SAP feel free to contact us,
call USA 1 9404408084 , IND 91
9533837156 full course details please visit our
website http//www.magnifictraining.com For any
further details please mail us all queries to
info_at_maxonlinetraining.com
29
(No Transcript)