Course Description
Video based SAP Security training with Tech Video is a self paced course. You will learn complete end to end aspect of SAP Security in detail.
Course Content
What will you learn?
- 1. Introduction
- 1.1 Objectives and Goals of SAP Security Course
- 1.2 SAP Net Weaver Fundamentals
- ……Overview of SAP R/3
- ……SAP GUI configuration
- ……SAP logon screen
- ……Initial screen in SAP systems
- ……Maintaining your user profile
- ……Favorites list and user menu
- ……Calling Functions
- ……Additional navigation options
- ……Processing user requests
- ……SAP Server Database Interface
- ……SAP Server Processes
- ……SAP Client Structure
- ……System Landscape
- ……Remote Function Calls
- 2. SAP Authorizations
- 2.1 SAP Authorizations
- ……Why Do We Require Authorizations?
- ……Security � Overview
- ……SAP Access Controls
- ……Users, Roles, and Authorizations
- ……Technical Implementation of Roles
- ……User-Specific Menus
- 2.2 Authorization Concept Implementation
- ……Implementation Methods and Authorizations
- ……Role and Authorization Concept: Steps
- ……Step 1: Preparation
- ……Team members for Roles and Authorizations
- ……Step 2: Analysis & Conception
- ……Technical Conception: Role Implementation
- ……Analysis: Determine user roles
- ……Conception: Complete User Roles (1)
- …….Technical Conception: Role Implementation
- ……Step 3: Implementation
- ……Step 4: Quality Assurance & Tests
- ……Step 5: Cutover
- ……Implementing User and Authorization Administration
- ……User and Authorization Administration
- 3. Fundamentals of SAP Authorization
- 3.1 SAP Authorisation elements
- ……Elements of the SAP Authorization Concept
- ……Field, Object & Object Classes
- ……Authorization level
- ……Authorizations and Authorization Profiles
- ……Create roles using profile generator PFCG
- 3.2 Authorisation check Process
- ……Authorization Checks at Transaction Start
- ……Authorization Check in the Program
- ……SAP User Buffer
- 4. SAP User Master
- 4.1 Creating and Maintaining User Master Data
- ……Components of the User Master
- ……Tab � Address
- ……Tab – Logon Data
- ……User Types
- ……Tab � Defaults
- ……Tab � Parameters
- ……Tab � Roles
- ……Tab � Profiles
- ……Tab � Groups
- ……Tab � Personalization
- ……Tab – License Data
- …..User Mass Maintenance
- 5. Role Maintenance
- 5.1 PFCG Profile Generator
- ……PFCG – Profile Generator
- ……Role Name and Description
- ……Role Menus
- ……Maintain authorization
- ……Maintain authorization data
- ……Authorization profile
- ……User assignment
- ……User master comparison
- 5.2 Composite Roles
- ……Composite Roles and User
- ……Composite role menu
- 5.3 Master Roles and Derived Roles
- ……Master Roles and Derived Roles
- ……Derived Roles Menu
- 5.4 Authorization Maintenance
- ……Traffic Light Legend
- ……Icons Legend
- ……Status Texts
- 6. Authorization Development
- 6.1 End User Role Development
- ……Naming Convention
- ……Single Role, Org Level
- ……Single Roles Org Level
- 6.2 User Administration – 4 eye principle
- ……4 eye principle
- ……8 eye principle
- ……8 eye principle Implementation
- 7. Administrative Settings
- 7.1 Settings for Role Maintenance
- ……Activation of the Profile Generator
- ……PFCG Default Values
- ……Default Tables
- ……Adjusting Check Indicators
- ……ST22 � SAP Default Check
- 7.2 SAP Upgrade Steps
- ……Upgrade Steps
- ……SAP_ALL & SAP_NEW
- 7.3 Access Control Administration
- ……Profile Parameters and Password Rules
- ……Password Checks with System Profile Parameters
- ……Special Users
- 7.4 Analyze Authorization Issues
- ……SU53 � Authorization check
- ……ST01 � Authorization trace
- ……Authorisation Issues
- ……Authorisation verification
- 8. SAP HCM Security
- 8.1 Introduction to SAP � HR
- ……Basics
- ……Infotypes
- ……HR � Tcode
- 8.2 HR Authorisation
- ……HR Authorization Concept
- ……HR Object
- ……HR Data
- ……HR Security – authorization switch
- ……HR Authorization Field
- ……P_ORGIN vs P_ORGINCON
- ……P_PERNR
- ……P_APPL & PLOG
- 8.3 Structural Authorizations
- ……Structural Authorizations definition and details
- 8.4 Indirect Role Assignment
- ……Indirect role assignment Steps and details
- 9. Transporting Authorizations
- 9.1 Transporting Authorizations
- ……SAP transport
- ……Transport Request
- ……Authorization profiles Setting
- ……Download and upload Roles
- ……Mass Transport & Mass download
- ……Mass Profile Generator & Mass compare
- ……Transporting User Master Records
- ……Client Copy
- 9.2 Authorization Concept for Transport Handling
- ……Transport Request Activity
- ……Transport handling authorisation matrix
- 10. Interface and Special Authorization
- 10.1 Interface(RFC) Authorization
- ……Remote Function Call
- ……RFC Authorization
- ……RFC Authorization Object
- ……Create RFC Role
- 10.2 Special Authorisation
- ……Table Maintenance
- ……Table Maintenance of Cross-Client Tables
- ……Table Authorization for Organizational Unit
- ……Create Table auth group
- ……Auth Group Checking
- ……Reports
- ……Background Job
- ……Spools
- ……User/Roles
- ……BDC Sessions
- ……ABAP Work Bench
- 10.3 Custom Auth Objects
- ……User of Custom object
- ……SU20 – Maintain Authorization Fields
- ……SU21 – Maintain Authorization Objects
- 10.4 Call Transaction (SE97)
- ……SE97-Maint. transaction call authorization
- ……Message Type
- 11. Central User Administration
- Introduction to Central User Administration
- Decentralized User Administration
- Central User Administration
- ALE Data Distribution
- ALE Setup
- Setup of the Central User Administration
- SCUM � User Distribution Field Selection
- Integration of Existing Systems
- Copying User Master Records
- Central User Maintenance
- Setup CUA
- 12. SAP Audit Information System
- Purpose of and Procedures for Security Audits
- Tools available Security Audits
- Audit Information System (AIS)
- Audit Environment
- Target Groups
- Major Components of System Audit
- Using AIS from a System Audit Perspective
- 13. Security Audit Tools
- 13.1 Security Audit Log
- ……AIS Path
- ……Introducing the Security Audit Log
- ……Information in security audit log
- ……Security Audit Log Architecture
- ……The Audit File and the Audit Record
- ……Instance Parameters
- ……Configuring Filters
- ……Configuring Security Audit Filters
- ……Audit Profile
- ……Dynamic Filters
- ……Defining Filters
- ……Audit Analysis
- ……Reading the Security Audit Report
- ……Deleting Old Audit Files
- 13.2 CCMS Alert Monitor
- ……Security Monitor
- ……Audit Information System Menu Paths
- 13.3 Activities Log
- ……Audit Information System (AIS)
- ……Logging of Specific Activities
- ……Application Logging
- ……Logging Workflow Execution
- ……Logging Change Documents
- ……Logging Changes to Table Data
- ……Logging Changes Made Using the Change and Transport System
- ……Change Log User and Authorization
- ……Logging HR Reports
- ……Menu Paths in Audit Information System
- 14. SAP Security Optimization
- 14.1 User Monitoring and Reporting
- ……User Information System
- ……User IDs with Initial Password
- 14.2 Segregation of Duty (SoD)
- ……Details of Segregation of Duty
- 14.3 Critical Transaction & Critical Combination
- ……RSUSR008_009_NEW
- ……Critical Authorization
- ……Critical Combinations
- ……Analyze the result
- 14.4 Securing User & Password
- ……Securing SAP Standard Users
- ……Password Exceptions
- ……Parameters Used for Password Checks
- ……Parameters Used for Multiple Logons
- ……Parameters Used for Incorrect Logons
- ……Parameters Used for Limited Validity of Initial Password
- ……Parameters Used to Turn Off Password Logon
- ……Other Logon Parameters
- 14.5 Securing Production Systems
- ……System Change Options
- ……Client Change Options
- ……Client Specific Object
- ……Configuration/Development Client
- 15. Secure Network Communications (SNC)
- SNC � Overview
- Using the SAP Cryptographic Library for SNC
- Configuring the Use of the SAP Cryptographic Library for SNC
- Install the SAP Cryptographic Library
- Set Parameters for the Trust Manager
- Create PSE and Credentials
- Set Profile Parameters
- Make Access Control List Entries