SAP Security Interview Questions:
Note: This is for interviews of candidates with 2-3 years of experience. Please prepare notes and the
relevant answers to the questions given in this sheet from Sreedhar Gajulapalli’s videos
and Varun N’s Security notes. For GRC Access Control basics, cover the SAP TRAINING YouTube
channel.
1. Introduce yourself and describe your day to day activities in your previous job role.
2. What are the mandatory fields for user creation?
3. How many types of users are there?
4. Difference between Service user and Dialog user?
5. Difference between Service user and Communication user?
6. Difference between System user and Communication user?
7. Can we use Communication user for Background Job Scheduling?
8. What is reference user used for? How do we use reference user?
9. Types of locks?
10. Types of Return codes?
11. Maximum no. of profiles that can be assigned in a user’s profile?
12. Difference between User Group in logon data tab and Groups tab in SU01?
13. Difference between S_TABU_DIS and S_TABU_NAM?
14. What is the functional difference between parameters and roles?
15. What is the TCODE to set password parameters?
16. Remember all the tables starting with AGR_*
17. Difference between Master and Derived role?
18. How is the Master role used?
19. How is the Derived role used?
20. What are the different types of Authorization object status in role creation process?
21. Options of expert mode of role modification?
22. Difference between manual mode and expert mode 3rd option?
23. How many derived roles can be derived from 1 master role?
24. How to find master role of a derived role and vice-versa?
25. How will you change authorization field for a derived role?
26. How will you find the composite role of a single role?
27. What are the necessary authorization objects for a security admin to run SU01?
28. What is the tcode to display or change the authorization data of a TCODE?
29. What is the table to check the authorization data of a TCODE?
30. SU53, SU56, ST01, STAUTHTRACE and their internal differences.
31. Suppose you find a role that was modified with critical access by a security admin
who is not currently associated with your organization. What are the steps you will
follow to resolve it?
32. If a user is assigned a role but can’t access a tcode, how should we guide the
user?
33. What is user buffer? Tcode to access user buffer?
34. USOBT, USOBX, USOBT_C, USOBX_C tables and internal differences?
35. Difference between ST01 and STAUTHTRACE?
36. How to change date, time, language, printer for a user?
37. Difference between SU22 and SU24?
38. How to copy data from SU22 to SU24?
39. For an upgrade implementation, how will you transfer the ECC SU22 data into SU24 in the
S4HANA system? Which steps will you follow?
40. When are the 1st step and 2nd step of SU25 used?
41. What kind of user is FFID?
42. Process to assign FFID.
43. How to configure EAM and ARA components?
44. What is the difference between FFID owner and FFID controller?
45. Can the same person become both FFID owner and controller?
46. Process to assign an owner and controller for an FFID.
47. How to find FFID activities done for an FFID?
48. Ruleset, User Access Review, Risk analysis
49. How many transport requests are there?
50. Can the users be transported? If yes, should we do so?
51. Difference between Transport request and Task?
52. Do we release the T.R. or the task?
53. Tcodes to create Transport request.
54. Difference between the green, yellow and red signals of the authorization of a role?
55. How to check Audit log of system?
56. Difference between ECC and S4HANA?
57. How to create roles in S4 HANA?
58. How to add authorization to a user in HANA studio?
59. What is authorization analysis in Cost Center?
60. Expect some questions on Fiori security, BTP and IAG cloud security.