SAP Security

Course Description

Video based SAP Security training with Tech Video is a self paced course. You will learn complete end to end aspect of SAP Security in detail.

What will you learn?

• 1. Introduction
• 1.1 Objectives and Goals of SAP Security Course
• 1.2 SAP Net Weaver Fundamentals
• ……Overview of SAP R/3
• ……SAP GUI configuration
• ……SAP logon screen
• ……Initial screen in SAP systems
• ……Maintaining your user profile
• ……Favorites list and user menu
• ……Calling Functions
• ……Additional navigation options
• ……Processing user requests
• ……SAP Server Database Interface
• ……SAP Server Processes
• ……SAP Client Structure
• ……System Landscape
• ……Remote Function Calls
• 2. SAP Authorizations
• 2.1 SAP Authorizations
• ……Why Do We Require Authorizations?
• ……Security � Overview
• ……SAP Access Controls
• ……Users, Roles, and Authorizations
• ……Technical Implementation of Roles
• ……User-Specific Menus
• 2.2 Authorization Concept Implementation
• ……Implementation Methods and Authorizations
• ……Role and Authorization Concept: Steps
• ……Step 1: Preparation
• ……Team members for Roles and Authorizations
• ……Step 2: Analysis & Conception
• ……Technical Conception: Role Implementation
• ……Analysis: Determine user roles
• ……Conception: Complete User Roles (1)
• …….Technical Conception: Role Implementation
• ……Step 3: Implementation
• ……Step 4: Quality Assurance & Tests
• ……Step 5: Cutover
• ……Implementing User and Authorization Administration
• ……User and Authorization Administration
• 3. Fundamentals of SAP Authorization
• 3.1 SAP Authorisation elements
• ……Elements of the SAP Authorization Concept
• ……Field, Object & Object Classes
• ……Authorization level
• ……Authorizations and Authorization Profiles
• ……Create roles using profile generator PFCG
• 3.2 Authorisation check Process
• ……Authorization Checks at Transaction Start
• ……Authorization Check in the Program
• ……SAP User Buffer
• 4. SAP User Master
• 4.1 Creating and Maintaining User Master Data
• ……Components of the User Master
• ……Tab � Address
• ……Tab – Logon Data
• ……User Types
• ……Tab � Defaults
• ……Tab � Parameters
• ……Tab � Roles
• ……Tab � Profiles
• ……Tab � Groups
• ……Tab � Personalization
• ……Tab – License Data
• …..User Mass Maintenance
• 5. Role Maintenance
• 5.1 PFCG Profile Generator
• ……PFCG – Profile Generator
• ……Role Name and Description
• ……Role Menus
• ……Maintain authorization
• ……Maintain authorization data
• ……Authorization profile
• ……User assignment
• ……User master comparison
• 5.2 Composite Roles
• ……Composite Roles and User
• ……Composite role menu
• 5.3 Master Roles and Derived Roles
• ……Master Roles and Derived Roles
• ……Derived Roles Menu
• 5.4 Authorization Maintenance
• ……Traffic Light Legend
• ……Icons Legend
• ……Status Texts
• 6. Authorization Development
• 6.1 End User Role Development
• ……Naming Convention
• ……Single Role, Org Level
• ……Single Roles Org Level
• 6.2 User Administration – 4 eye principle
• ……4 eye principle
• ……8 eye principle
• ……8 eye principle Implementation
• 7. Administrative Settings
• 7.1 Settings for Role Maintenance
• ……Activation of the Profile Generator
• ……PFCG Default Values
• ……Default Tables
• ……Adjusting Check Indicators
• ……ST22 � SAP Default Check
• 7.2 SAP Upgrade Steps
• ……Upgrade Steps
• ……SAP_ALL & SAP_NEW
• 7.3 Access Control Administration
• ……Profile Parameters and Password Rules
• ……Password Checks with System Profile Parameters
• ……Special Users
• 7.4 Analyze Authorization Issues
• ……SU53 � Authorization check
• ……ST01 � Authorization trace
• ……Authorisation Issues
• ……Authorisation verification
• 8. SAP HCM Security
• 8.1 Introduction to SAP � HR
• ……Basics
• ……Infotypes
• ……HR � Tcode
• 8.2 HR Authorisation
• ……HR Authorization Concept
• ……HR Object
• ……HR Data
• ……HR Security – authorization switch
• ……HR Authorization Field
• ……P_ORGIN vs P_ORGINCON
• ……P_PERNR
• ……P_APPL & PLOG
• 8.3 Structural Authorizations
• ……Structural Authorizations definition and details
• 8.4 Indirect Role Assignment
• ……Indirect role assignment Steps and details
• 9. Transporting Authorizations
• 9.1 Transporting Authorizations
• ……SAP transport
• ……Transport Request
• ……Authorization profiles Setting
• ……Download and upload Roles
• ……Mass Transport & Mass download
• ……Mass Profile Generator & Mass compare
• ……Transporting User Master Records
• ……Client Copy
• 9.2 Authorization Concept for Transport Handling
• ……Transport Request Activity
• ……Transport handling authorisation matrix
• 10. Interface and Special Authorization
• 10.1 Interface(RFC) Authorization
• ……Remote Function Call
• ……RFC Authorization
• ……RFC Authorization Object
• ……Create RFC Role
• 10.2 Special Authorisation
• ……Table Maintenance
• ……Table Maintenance of Cross-Client Tables
• ……Table Authorization for Organizational Unit
• ……Create Table auth group
• ……Auth Group Checking
• ……Reports
• ……Background Job
• ……Spools
• ……User/Roles
• ……BDC Sessions
• ……ABAP Work Bench
• 10.3 Custom Auth Objects
• ……User of Custom object
• ……SU20 – Maintain Authorization Fields
• ……SU21 – Maintain Authorization Objects
• 10.4 Call Transaction (SE97)
• ……SE97-Maint. transaction call authorization
• ……Message Type
• 11. Central User Administration
• Introduction to Central User Administration
• Decentralized User Administration
• Central User Administration
• ALE Data Distribution
• ALE Setup
• Setup of the Central User Administration
• SCUM � User Distribution Field Selection
• Integration of Existing Systems
• Copying User Master Records
• Central User Maintenance
• Setup CUA
• 12. SAP Audit Information System
• Purpose of and Procedures for Security Audits
• Tools available Security Audits
• Audit Information System (AIS)
• Audit Environment
• Target Groups
• Major Components of System Audit
• Using AIS from a System Audit Perspective
• 13. Security Audit Tools
• 13.1 Security Audit Log
• ……AIS Path
• ……Introducing the Security Audit Log
• ……Information in security audit log
• ……Security Audit Log Architecture
• ……The Audit File and the Audit Record
• ……Instance Parameters
• ……Configuring Filters
• ……Configuring Security Audit Filters
• ……Audit Profile
• ……Dynamic Filters
• ……Defining Filters
• ……Audit Analysis
• ……Reading the Security Audit Report
• ……Deleting Old Audit Files
• 13.2 CCMS Alert Monitor
• ……Security Monitor
• ……Audit Information System Menu Paths
• 13.3 Activities Log
• ……Audit Information System (AIS)
• ……Logging of Specific Activities
• ……Application Logging
• ……Logging Workflow Execution
• ……Logging Change Documents
• ……Logging Changes to Table Data
• ……Logging Changes Made Using the Change and Transport System
• ……Change Log User and Authorization
• ……Logging HR Reports
• ……Menu Paths in Audit Information System
• 14. SAP Security Optimization
• 14.1 User Monitoring and Reporting
• ……User Information System
• ……User IDs with Initial Password
• 14.2 Segregation of Duty (SoD)
• ……Details of Segregation of Duty
• 14.3 Critical Transaction & Critical Combination
• ……RSUSR008_009_NEW
• ……Critical Authorization
• ……Critical Combinations
• ……Analyze the result
• 14.4 Securing User & Password
• ……Securing SAP Standard Users
• ……Password Exceptions
• ……Parameters Used for Password Checks
• ……Parameters Used for Multiple Logons
• ……Parameters Used for Incorrect Logons
• ……Parameters Used for Limited Validity of Initial Password
• ……Parameters Used to Turn Off Password Logon
• ……Other Logon Parameters
• 14.5 Securing Production Systems
• ……System Change Options
• ……Client Change Options
• ……Client Specific Object
• ……Configuration/Development Client
• 15. Secure Network Communications (SNC)
• SNC � Overview
• Using the SAP Cryptographic Library for SNC
• Configuring the Use of the SAP Cryptographic Library for SNC
• Install the SAP Cryptographic Library
• Set Parameters for the Trust Manager
• Create PSE and Credentials
• Set Profile Parameters
• Make Access Control List Entries