SAP SECURITY

SAP SECURITY

Server-to-server communications can be encrypted with the SAP cryptographic library. With the recent acquisition of relevant parts of SECUDE,[4] SAP can now provide cryptography libraries with SAP R/3 for Secure Network Communications and Secure Socket.

COURSE CONTENT:

SAP R/3, Net weaver Technologies SAP Security
    1.	Elements of SAP Authorization Concepts
    2.	User Master Record
    3.	Working with Profile Generator (Roles, Composite Roles, Derived Roles, Customizing Roles)
    4.	Access Control and User administration (password Rules, special users, Authorization Administration)
    5.	Analysis and monitoring functions.
    6.	Special Authorization Components (Express Profile Gen)
    7.	Transport of authorization components
    8.	Automation of initial Loads
    9. Central User Administration
    10. Configuring and Using Basis Security Audit Tools Configuration of the Audit Log Reading the Audit Log
    11. Controlling Transaction Codes, Tables, Programs Auditing the protection of transaction code execution
          Auditing the protection of direct table access Auditing the protection of direct program execution Auditing
          the protection of developer access
    12. Securing User and Group Administration User Information System for Audits Decentralized security approaches
           Trace tools for users that can be used to support audits Auditing standard SAP users Auditing user related security parameters
    13. Change Management and Security SAP recommended system landscape Approval processes for change management 
           Auditing system change options and client change options Roles and responsibilities for change management
    14. Securing System Administration Services in Production Auditing security for background processing 
            Auditing security for spool, operating system commands System authorizations required for end-users Auditing RFC destinations
    15. BW Security Review
    16. Enterprise Portals Security Review
    17. HR Security Review
    18. SECATT script for Mass user creation
    19. Background job monitoing
    20. Profile Paramters for Security

SAP GRC 
    •	Installation, setup and upgrades
    •	Components of GRC Access Control
    •	Configuring RAR
    •	Segregation of duties (SoD) analysis
    •	Rule design, configuration and testing
    •	Access violation remediation
    •	Firefighter(SPM) access setup
    •	Custom report development
    •	Mitigation Controls Assessment & Improvement
    •	Configuring Role Expert
    •	SAP security role design using role expert
    •	Working with SAP CUP
    •	GRC Repository