8.1 Explaining Security

Question 1

SAC provides basic user mgmt, which lets you do 3 thins with role assignment

Answer 1

• create
• delete
• change

Question 2

what user management and authentication mechanism does SAC use

Answer 2

SAP Cloud Identity Management

Question 3

What is another way to import user data for security

Answer 3

CSV file

Question 4

importing users from an active directory server is supported (TF)

Answer 4

false

Question 5

what 3 fields are required for security

Answer 5

User ID
Last Name
Email

Question 6

what is the role of a Manager of a user

Answer 6

to approve the users requests for self-service role

Question 7

can user ID be changed once it’s created

Answer 7

no

Question 8

what is used to link a SAML identity in an external SAML ID provider

Answer 8

X509 user mapping

Question 9

what are the pre-delivered standard application roles (12)

Answer 9

• system owner
• admin
• modeler
• planner/reporter
• viewer
• BI admin
• BI content creator
• BI content viewer
• SAP BTP Content Creator
• SAP BTP Content Viewer
• Boardroom creator
• Boardroom viewer

Question 10

What privileges does a System Owner have

Answer 10

• full privileges

- only 1 user can be assigned this role

Question 11

What privileges does a Admin have

Answer 11

• full privileges
• can access all functions
• has data read access

Question 12

What privileges does a Modeler have

Answer 12

• modeling privileges

- full access to all models and dims

Question 13

What privileges does a Planner/Reporter have

Answer 13

• planning and reporting

- data access granted seperately

Question 14

What privileges does a Viewer have

Answer 14

• planning read only

- no privileges to change anything

Question 15

What privileges does a BI admin have

Answer 15

• full privileges
• can access all functions
• has data read access

Question 16

What privileges does a BI content creator have

Answer 16

• content creator

- create BI content and models

Question 17

What privileges does a BI content viewer have

Answer 17

• bi read only

no privileges to change anything

Question 18

What privileges does a SAP BTP Content Creator have

Answer 18

• access SAP BTP as a datasource

Question 19

What privileges does a SAP BTP Content Viewer have

Answer 19

• view BTP content

Question 20

What privileges does a Boardroom Creator have

Answer 20

• can create boardrooms

Question 21

What privileges does a Boardroom viewer have

Answer 21

• view all boardrooms

Question 22

Describe the team concept

Answer 22

• a team is a group of users
• a user can belong to multiple teams
• a role can be assigned to a team, and all users in the team inherit the role

Question 23

Describe the workflow for assigning privileges to users (4)

Answer 23

> create users
create teams
create roles
assign the roles/users to teams

Question 24

how do you indirectly assign a role to a user

Answer 24

1. assign user to team A

2. assign role to team A

Question 25

Single sign on is not supported for

Answer 25

live models

Question 26

3 basic ways to create users in the system

Answer 26

- manual - file import - via SCIM APIs and Dynamic User Creation using SAML IDP

Question 27

Admins can define what 4 types of SAC story access and related elements

Answer 27

- Catalog access (publish stories to catalog by team) - Bookmarks (view/edit/full, private vs global) - Sharing stories w/ user or team (view/edit/full) - Folder access (share folders with view/edit access for stories in the folder)