7. What fundamental authorization object is to be used as the first line of defense in checking authorization for a transaction code?
s_tcode is the primary check for almost all SAP authorization checks. You can limit a transaction from being accessed simply by removing the transaction code from s_tcode in a role. Even if the other authorizations exist, the user will not have access to the transaction.