Practice Question Answers and Explanations

  1. Correct answers: B, C

    We can assign roles to other roles and roles to users in SAP HANA. We can assign privileges to users, but this is not recommended. We cannot assign roles to privileges. We can only assign privileges to roles.

  2. Correct answers: C, D

    End users are created as users in the SAP HANA system in the SAP HANA as a platform deployment scenario. With SAP HANA Live, users are created in the SAP application server, and they are automatically created by the Authorization Assistant in SAP HANA. With SAP BW on SAP HANA and SAP S/4HANA, users are created in the SAP application servers, not in SAP HANA.

  3. Correct answer: B

    False. The default behavior of SAP HANA is to deny access. Please note that True or False questions are included to help your understanding, but the actual certification exam does not have such questions.

  4. Correct answer: A

    You must grant read access to your schema for the _SYS_REPO user if your newly created information view does NOT want to activate.

  5. Correct answer: B

    You have to assign Kerberos authentication to users to allow single sign-on

  6. Correct answer: D

    You can graphically create a design-time role in the Editor area of the SAP HANA web-based development workbench. In the Security area of the workbench, you can create only runtime roles. In the Roles area under Security in SAP HANA studio, you can create only runtime roles. In the Repository area in the development perspective in SAP HANA studio, you can only create a design-time role as a text file, not graphically.

  7. Correct answer: C

    The REPO.MAINTAIN_DELIVERY_UNITS system privilege allows you to create a delivery unit. REPO.EXPORT and REPO.IMPORT are used for transporting, not for creating delivery units. REPO.WORK_IN_FOREIGN_WORKSPACE allows you to activate colleagues’ information views and is not related to delivery units.

  8. Correct answer: A

    True. Yes, an object privilege on a table with SELECT rights will allow you to access all the data.

  9. Correct answers: B, C

    You can use a view with a filter or a SQL analytic privilege to limit users to see only 2016 data. A view with a restricted column will show all the data in all the fields, except in the restricted column.

  10. Correct answer: C

    An analytic privilege on both calculation views.

  11. Correct answer: B

    False. You cannot limit access to a subpackage if you have given access to the higher-level package.

  12. Correct answer: A

    You tell the view to enable SQL analytic privileges in the semantic node of the information model.

  13. Correct answer: B

    The migration tool migrates XML analytic privileges to SQL analytic privileges.