SAP SECURITY- Online Training

Course Overview Part I

This course will provide information about the fundamentals of the SAP authorization concept, using SAP R/3 Enterprise. However, these fundamentals can, for the most part, be adapted to other components. Basic knowledge about the SAP environment is vital for this training course.

Target Audience This course is intended for the following audiences: Project team members Authorization and user administrators from the system administration Authorization and user administrators from the user departments.

Course Prerequisites Required Knowledge SAPTEC (SAP NetWeaver: Fundamentals of the Application Platform)

Recommended Knowledge SAP01 (mySAP.com Overview) Attendance of basic and advanced training courses in at least one application area.

Course Goals This course will prepare you to: Outline the elements, strategies, and tools of the SAP authorization concept Generate and assign authorization profiles with the Profile Generator Work with the Central User Administration (CUA) tool.

Course Objectives After completing this course, you will be able to: List the elements and objects of the authorization concept Explain the use and purpose of the Profile Generator Analyze authorizations Describe special objects for administrators.

Contents
Course Overview
Course Goals
Course Objectives

Unit 1: Authorizations in General

Unit 2: Basic Terminology of Authorizations

	What Are Authorizations
	Creating and Implementing an Authorization Concept

	Elements and Terminology of the SAP R/3 Authorization
	Concept
	Authorization Checks in the SAP System

Unit 3: User Settings

Unit 4: Working with the Profile Generator

Maintaining and Evaluating User Data

	Profile Generator and Standard Roles
	Special PFCG Roles
	Subtleties of Authorization Maintenance

Unit 5: Basic Settings

Unit 6: Transporting Authorizations

	Profile Generator: Installation and Upgrade
	Access Control and User Administration
	Troubleshooting and Administration Aids

Transporting Authorization Components

Unit 7: Integration into the Company Landscape

Unit 8: Using Enterprise Portals

	Integration into Organizational Management
	Central User Administration (CUA)

	Introduction to the SAP NetWeaver Component SAP Enterprise Portal
	SAP Enterprise Portal . Security Issues

Course Overview Part II
This course will discuss the tools available to ensure system security accurately reflects your company.s security policies. We will discuss how to use the Audit Information System to conduct a thorough system audit. We will also discuss system services that should be appropriately protected in a production environment.

Target Audience
This course is intended for the following audiences:
System security auditors
Security administrators

Course Prerequisites
Required Knowledge
SAPTEC . mySAP NetWeaver Solution Fundamentals
ADM100 . mySAP NetWeaver Administration

Recommended Knowledge
Experience with security issues
Authorization concepts

Course Goals
This course will prepare you to: Identify and protect sensitive data in production systems
Use the SAP Audit Information System to structure and conduct a thorough security audit
Configure important security monitoring and tracing mechanisms
Configure standard SAP role maintenance tools to produce company-specific, security-enhanced roles and authorization profiles
Secure change management mechanisms in production system landscapes
Secure system administration tools against misuse

Course Objectives
This course will prepare you to: After completing this course, you will be able to:
Identify and protect sensitive data in production system
Demonstrate use of the Audit Information System to structure and conduct a thorough security audit
Configure standard SAP role maintenance tools to produce company-specific, security-enhanced roles and authorization profiles
Secure change management mechanisms in production system landscapes
Secure system administration tools against misuse

CONTENTS
Course Overview
Course Goals
Course Objectives

Unit 1: Introduction to Internal Security Auditing
mySAP System Security: Goals and Methods

Unit 2: The SAP Audit Information System and Other SAP Security Monitoring Tools
Configuring and Using the Audit Information System
Configuring and Using Security Audit Tools

Unit 3: Securing Systems through User, Role, and Authorization Maintenance
Controlling Access to Transaction Codes, Tables, and Programs
Using Logs to Monitor the Application
Customizing the Role Maintenance Tools in mySAP Solutions 134
Securing User and Group Administration

Unit 4: Securing Production Systems
Change Management and Security
Securing System Administration Services in Production Systems

Course Overview Part III
Security in SAP System Environments
Target Audience
This course is intended for the following audiences:
SAP system administrators
Project team members
Persons responsible for technical system security

CONTENTS
1. Introduction
2. Product Overview
3. Network Basics
5. Basic Security
4. Introduction to
6. Internet Transaction
7. Single Sign-On
8. SAP Web Application
9. SAP Enterprise
10. Conclusion

GRC Overview

Installing CC

Configuration of CC

Java and EP security

User Management Engine Fundamentals

Configuring User Management Engine

User Management Tools

Authorization concepts

Single Sign On overview and configuration

Integrating other SAP business suite

Role and user distribution to SAP systems

Identity Management
Technical System Landscape
User Administration and Authentication
Network and communication security
Data Storage Security