SAP Security

 12,500.00

Description

 

1. Introduction

1.1 Objectives and Goals of SAP Security Course

1.2 SAP Net Weaver Fundamentals

  • Overview of SAP R/3
  • SAP GUI configuration
  • SAP logon screen
  • Initial screen in SAP systems
  • Maintaining your user profile
  • Favorites list and user menu
  • Calling Functions
  • Additional navigation options
  • Processing user requests
  • SAP Server Database Interface
  • SAP Server Processes
  • SAP Client Structure
  • System Landscape
  • Remote Function Calls

 

2. SAP Authorizations

2.1 SAP Authorizations

  • Why Do We Require Authorizations?
  • Security Overview
  • SAP Access Controls
  • Users, Roles, and Authorizations
  • Technical Implementation of Roles
  • User-Specific Menus

 

2.2 Authorization Concept Implementation

  • Implementation Methods and Authorizations
  • Role and Authorization Concept: Steps
  • Step 1: Preparation
  • Team members for Roles and Authorizations
  • Step 2: Analysis & Conception
  • Technical Conception: Role Implementation
  • Analysis: Determine user roles
  • Conception: Complete User Roles (1)
  • Technical Conception: Role Implementation
  • Step 3: Implementation
  • Step 4: Quality Assurance & Tests
  • Step 5: Cutover
  • Implementing User and Authorization Administration
  • User and Authorization Administration

 

3. Fundamentals of SAP Authorization

3.1 SAP Authorisation elements

  • Elements of the SAP Authorization Concept
  • Field, Object & Object Classes
  • Authorization level
  • Authorizations and Authorization Profiles
  • Create roles using profile generator PFCG

 

3.2 Authorisation check Process

  • Authorization Checks at Transaction Start
  • Authorization Check in the Program
  • SAP User Buffer

 

4. SAP User Master

4.1 Creating and Maintaining User Master Data

  • Components of the User Master
  • Tab  Address
  • Tab – Logon Data
  • User Types
  • Tab  Defaults
  • Tab  Parameters
  • Tab  Roles
  • Tab Profiles
  • Tab  Groups
  • Tab  Personalization
  • Tab – License Data
  • User Mass Maintenance

 

5. Role Maintenance

5.1 PFCG Profile Generator

  • PFCG – Profile Generator
  • Role Name and Description
  • Role Menus
  • Maintain authorization
  • Maintain authorization data
  • Authorization profile
  • User assignment
  • User master comparison

 

5.2 Composite Roles

  • Composite Roles and User
  • Composite role menu

 

5.3 Master Roles and Derived Roles

  • Master Roles and Derived Roles
  • Derived Roles Menu

 

5.4 Authorization Maintenance

  • Traffic Light Legend
  • Icons Legend
  • Status Texts

 

6. Authorization Development

6.1 End User Role Development

  • Naming Convention
  • Single Role, Org Level
  • Single Roles Org Level

 

6.2 User Administration –

  • 4 eye principle
  • 4 eye principle
  • 8 eye principle
  • 8 eye principle Implementation

 

7. Administrative Settings

7.1 Settings for Role Maintenance

  • Activation of the Profile Generator
  • PFCG Default Values
  • Default Tables
  • Adjusting Check Indicators
  • ST22 SAP Default Check

 

7.2 SAP Upgrade Steps

  • Upgrade Steps
  • SAP_ALL & SAP_NEW

 

7.3 Access Control Administration

  • Profile Parameters and Password Rules
  • Password Checks with System Profile Parameters
  • Special Users

 

7.4 Analyze Authorization Issues

  • SU53 Authorization check
  • ST01 Authorization trace
  • Authorisation Issues
  • Authorisation verification

 

8. SAP HCM Security

8.1 Introduction to SAP  HR

  • Basics
  • Infotypes
  • HR  Tcode

 

8.2 HR Authorisation

  • HR Authorization Concept
  • HR Object
  • HR Data
  • HR Security – authorization switch
  • HR Authorization Field
  • P_ORGIN vs P_ORGINCON
  • P_PERNR
  • P_APPL & PLOG

 

8.3 Structural Authorizations

  • Structural Authorizations definition and details

 

8.4 Indirect Role Assignment

  • Indirect role assignment Steps and details

 

9. Transporting Authorizations

9.1 Transporting Authorizations

  • SAP transport
  • Transport Request
  • Authorization profiles Setting
  • Download and upload Roles
  • Mass Transport & Mass download
  • Mass Profile Generator & Mass compare
  • Transporting User Master Records
  • Client Copy

 

9.2 Authorization Concept for Transport Handling

  • Transport Request Activity
  • Transport handling authorisation matrix

 

10. Interface and Special Authorization

10.1 Interface(RFC) Authorization

  • Remote Function Call
  • RFC Authorization
  • RFC Authorization Object
  • Create RFC Role

 

10.2 Special Authorisation

  • Table Maintenance
  • Table Maintenance of Cross-Client Tables
  • Table Authorization for Organizational Unit
  • Create Table auth group
  • Auth Group Checking
  • Reports
  • Background Job
  • Spools
  • User/Roles
  • BDC Sessions
  • ABAP Work Bench

 

10.3 Custom Auth Objects

  • User of Custom object
  • SU20 – Maintain Authorization Fields
  • SU21 – Maintain Authorization Objects

 

10.4 Call Transaction (SE97)

  • SE97-Maint. transaction call authorization
  • Message Type

 

11. Central User Administration

  • Introduction to Central User Administration
  • Decentralized User Administration
  • Central User Administration
  • ALE Data Distribution
  • ALE Setup
  • Setup of the Central User Administration
  • SCUM User Distribution Field Selection
  • Integration of Existing Systems
  • Copying User Master Records
  • Central User Maintenance
  • Setup CUA

 

12. SAP Audit Information System

  • Purpose of and Procedures for Security Audits
  • Tools available Security Audits
  • Audit Information System (AIS)
  • Audit Environment
  • Target Groups
  • Major Components of System Audit
  • Using AIS from a System Audit Perspective

 

13. Security Audit Tools

13.1 Security Audit Log

  • .AIS Path
  • .Introducing the Security Audit Log
  • Information in security audit log
  • Security Audit Log Architecture
  • The Audit File and the Audit Record
  • Instance Parameters
  • Configuring Filters
  • Configuring Security Audit Filters
  • Audit Profile
  • Dynamic Filters
  • Defining Filters
  • Audit Analysis
  • Reading the Security Audit Report
  • Deleting Old Audit Files

13.2 CCMS Alert Monitor

  • Security Monitor
  • Audit Information System Menu Paths

 

13.3 Activities Log

  • Audit Information System (AIS)
  • Logging of Specific Activities
  • Application Logging
  • Logging Workflow Execution
  • ogging Change Documents
  • Logging Changes to Table Data
  • Logging Changes Made Using the Change and Transport System
  • Change Log User and Authorization
  • Logging HR Reports
  • Menu Paths in Audit Information System

14. SAP Security Optimization

14.1 User Monitoring and Reporting

  • User Information System
  • User IDs with Initial Password

 

14.2 Segregation of Duty (SoD)

  • Details of Segregation of Duty

 

14.3 Critical Transaction & Critical Combination

  • RSUSR008_009_NEW
  • Critical Authorization
  • Critical Combinations
  • Analyze the result

 

14.4 Securing User & Password

  • Securing SAP Standard Users
  • Password Exceptions
  • Parameters Used for Password Checks
  • Parameters Used for Multiple Logons
  • Parameters Used for Incorrect Logons
  • Parameters Used for Limited Validity of Initial Password
  • Parameters Used to Turn Off Password Logon
  • Other Logon Parameters

 

14.5 Securing Production Systems

  • System Change Options
  • Client Change Options
  • Client Specific Object
  • Configuration/Development Client

 

15. Secure Network Communications (SNC)

  • SNC Overview
  • Using the SAP Cryptographic Library for SNC
  • Configuring the Use of the SAP Cryptographic Library for SNC
  • Install the SAP Cryptographic Library
  • Set Parameters for the Trust Manager
  • Create PSE and Credentials
  • Set Profile Parameters
  • Make Access Control List Entries

 

16. Conclusion

  • Conclusion

 

Reviews

There are no reviews yet.

Be the first to review “SAP Security”