hello dear learners if you are looking for C_GRCAC_12 Online Practise Test | SAP C_GRCAC_12 Online Test with Answers | SAP Certified Application Associate – SAP Access Control 12.0 C_GRCAC_12 Notes Question Answers | C_GRCAC_12 Multiple Choice Questions with Answers | C_GRCAC_12 Objective type Questions Answers then you will get all details here.
Note : The questions which are given here are for practise purpose only. In Your Certification Exam this type of Questions may Occur. So please Study wisely and go for Exam. All the Best!!!
For More Practise Test of SAP – Join Our Telegram Channel
QUESTION NO: 1
Which of the following represent valid Agent Types within MSMP Workflow configuration? Note: There are 2 correct answers to this question.
A. BRFplus rule
B. PFCG Roles
C. BRFplus flat rule
D. GRC API (Application Programming Interface) Rules
Answer: BD
QUESTION NO: 2
SAP Governance, Risk and Compliance solutions are organized along 4 key themes. Which of the following are key themes? Note: There are 3 correct answers to this question.
A. Audit Management
B. Cybersecurity and Data Protection
C. Business Integrity Screening
D. Access Governance
E. Enterprise Risk and Compliance
Answer: ADE
QUESTION NO: 3
You are implementing Access Request Management. Which integration scenarios should you assign to the target connector? Choose the correct answer.
A. PROV
B. PROV, AUTH
C. PROV, ROLMG
D. PROV, ROLMG, SUPMG, AUTH
Answer: A
QUESTION NO: 4
Which of the following reviewer options does User Access Review support? Choose the correct answer.
A. Manager or Risk Owner
B. Manager or Role Owner
C. Manager and Role Owner
D. Manager and Risk Owner
Answer: b
QUESTION NO: 5
Which of the following SAP functionalities can you use to calculate rule results when configuring MSMPWorkflow? Note: There are 2 correct answers to this question.
A. ABAP Function Module
B. BRFplus
C. Standard SAP report
D. Direct Operating System call
Answer: AB
QUESTION NO: 6
You want to use Access Request Management to provision access in a target system. Which of the following actions are required before access can be provisioned using an access request? Note: There are 2 correct answers to this question.
A. Maintain System Provisioning Configuration
B. Import role definitions in Business Role Management
C. Maintain custom End User Personalization settings
D. Maintain Global Provisioning Configuration
Answer: AD
QUESTION NO: 7
You want approver authentication when approving an access request. Which MSMP Workflow stage configuration option can you use? Choose the correct answer.
A. Reaffirm Approval
B. Approve by Email
C. Approve Despite Risk
D. Confirm Approval
Answer: A
QUESTION NO: 8
You wish to synchronize data from transaction SU24 in the SAP S/4HANA production system into SAP Access Control for use in building a rule set. What is the correct synchronization job schedule for
completing this task? Choose the correct answer.
A. Authorization Sync
B. It is not possible to synchronize SU24 data from a production system
C. Repository Object Sync followed by an Action Usage Sync
D. Action Usage Sync followed by Role Usage Sync
Answer: A
QUESTION NO: 9
You want to create an Initiator rule in BRFplus for the standard access request. Which structures provide the attributes that you can use to define your rule? Note: There are 2 correct answers to this question.
A. GRAC_ACCESS_REQUEST_APPL_MAPPING
B. GRAC_DT_REQUEST_FIELD_LABELS
C. GRAC_S_REQUEST_RULE_HEADER
D. GRAC_S_REQUEST_RULE_LINE
Answer: CD
QUESTION NO: 10
It is mandatory for a Firefighter ID to be assigned to which of the following? Choose the correct answer.
A. Firefighter ID Controller
B. Firefighter ID Owner and Firefighter ID Controller
C. Firefighter
D. Firefighter ID Owner
Answer: D
QUESTION NO: 11
Which combination of rule kind and rule type determines the path upon submission of a request?
A. Agent rule BRFplus Flat
B. Routing rule BRFplus
C. Initiator rule BRFplus
D. Agent rule ABAP Class-Based
Answer: C
QUESTION NO: 12
Which transaction do you use to monitor background jobs in Access Control repository synchronization?
A. Schedule Background Jobs (SM36)
B. Test Background Processing (SBTA)
C. Batch Input Monitoring (SM35)
D. Overview of Job Selection (SM37)
Answer: D
QUESTION NO: 13
Which type of user account does an emergency access user need to log on to a Firefighter session using transaction GRAC_SPM?
A. A user account in the User Management Engine (UME)
B. A user account in the Access Control system
C. A user account in the LDAP systemD. A user account in the target system
Answer: B
QUESTION NO: 14
Which of the following IMG activities are common component settings shared across GRC? (Choose three.)
A. Maintain plug-in settings.
B. Maintain connection settings.
C. Maintain mapping for actions and connector groups.
D. Define a connector.
E. Assign a connector to a connector group.
Answer: B D E
QUESTION NO: 15
What does assigning the Logical Group (SOD-LOG) type to a connector group allow you to do?
A. Run a cross-system analysis.
B. Use the connector group for transports to the target system.
C. Monitor the target system.
D. Use the connector group as a business role management landscape.
Answer: D
QUESTION NO: 16
Your customer wants to adapt their rule set to include custom programs from their SAP ERP production system. How do you ensure that the custom programs can be maintained properly in the rule set? (Choose three.)
A. Maintain all relevant authorization objects and the associated default field values in transaction SU24 in the GRC
system.
B. Synchronize SU24 data for use in Access Control Function maintenance using transaction GRAC_AUTH_SYNC.
C. Synchronize SU24 data for use in Access Control Function maintenance using transaction GRAC_REP_OBJ_SYNC.
D. Maintain all relevant authorization objects and the associated default field values in transaction SU24 in the SAP ERP
system.
E. Create a custom transaction code for each customer program using transaction SE93 in the SAP ERP system.
Answer: B D E
QUESTION NO: 17
Which auto-provisioning options are available in the global provisioning configuration? (Choose three.)
A. Manual Provisioning
B. Indirect Provisioning
C. Auto-Provision at End of Request
D. No Provisioning
E. Combined Provisioning
Answer: A,C,D
QUESTION NO: 18
Which tasks must you perform to enable a user to begin a central Firefighter session? (Choose three.)
A. Create a user ID for the Firefighter in the target system.
B. Assign an owner to the Firefighter.
C. Maintain Firefighter ID owners in Access Control owners.
D. Maintain reason codes in Superuser Maintenance.
E. Assign a controller and a Firefighter to a Firefighter ID.
Answer: C,D,E
QUESTION NO: 19
What data is synchronized when you run the GRAC_REPOSITORY_OBJECT_SYNC report? (Choose three.)
A. Profiles
B. Roles
C. Role usage
D. PFCG authorizations
E. Users
Answer: ABE
QUESTION NO: 20
You create a BRFplus initiator rule for the Access Request approval workflow. Which standard request attribute that is listed as a header data object, as well as a line item data object, can you insert into a
condition column?
A. Location
B. Business Process
C. Department
D.Priority
Answer: B
QUESTION NO: 21
Which Access Control master data is shared with Process Control and Risk Management?
A. Access risk master data
B. Organizational master data
C. Business process master data
D. Subprocess master data
Answer: B
QUESTION NO: 22
Which of the following objects can you maintain in the “Maintain Paths” work area of MSMP workflow configuration? (Choose three.)
A. Paths
B. Path versions
C. Rules for path mappings
D. Stage notification settings
E. Stages
Answer: ADE
QUESTION NO: 23
For what purpose can you use the Display Revw Screen setting in MSMP Stage Details?
A. To view the rule result
B. To view the stage configuration
C. To view the initiator rule
D. To view the access request
Answer: D
QUESTION NO: 24
How do you enable the Access Control audit trail function for access rules?
A. Activate the relevant configuration parameter using the Customizing Edit Project (SPRO) transaction.
B. Activate the table logging parameter using the Profile Parameter Maintenance (RZ11) transaction.
C. Activate table logging using the Table History (SCU3) transaction.
D. Activate the security audit log using the Security Audit Configuration (SM19) transaction.
Answer: A
QUESTION NO: 25
Which process steps should you perform when you define a workflow-related MSMP rule? (Choose two.)
A. Save a bottom expression.
B. Select a result data object.
C. Select result parameters.
D. Save condition parameters.
Answer: BD
QUESTION NO: 26
Which transaction can you use to customize notification templates?
A. Change Documentation (SII1)
B. SAP Documentation (SE61)
C. Message Maintenance (SE91)
D. Documentation Message Types (WE64)
Answer: B
QUESTION NO: 27
What is the purpose of a mitigating control?
A. To control the access that is allowed to be assigned to a role
B. To determine which users are allowed to access the system
C. To assign a compensating control to a risk
D. To limit the access that is allowed to be assigned to a user
Answer: C
QUESTION NO: 28
Which BRFplus object is used as a container for all other BRFplus objects?
A. Expression
B. Condition Group
C. Application
D. Function
Answer: C
QUESTION NO: 29
Which of the following tasks must you perform if you want to enable a user to log on to a Firefighter ID?
A. Schedule the Firefighter Workflow Sync job periodically.
B. Run the Firefighter Log Sync job.
C. Set up the Firefighter log configuration parameters.
D. Create a reason code.
Answer: D
QUESTION NO: 30
Which of the following is a feature of centralized Emergency Access Management?
A. Reason codes are defined once and assigned per system.
B. The Firefighter is required to log on to each target system to perform Firefighter activities.
C. The Firefighter IDs are created centrally in Access Control.
D. Administration, reporting, and Firefighter logon are performed on target systems.
Answer: A
QUESTION NO: 31
Which periodic review process allows a role owner to remove roles from the users?
A. UAR Review
B. SoD Review
C. Firefighter Log Review
D. Role Certification Review
Answer: A
QUESTION NO:32
You want to assign an owner when creating a mitigating control. However, you cannot find the user you want to assign as an owner in the list of available users. What could be the reason?
A. The user is already assigned as an owner to another mitigating control.
B. The workflow for creating a mitigating control has not yet been approved.
C. The user is locked.
D. The user has not been assigned as an owner in the organizational hierarchy.
Answer: D
QUESTION NO: 33
Which report types require the execution of batch risk analysis? (Choose two.)
A. Ad-hoc risk analysis reports
B. Offline risk analysis reports
C. User level simulation reports
D. Access rules detail reports
E. User and role analysis dashboards
Answer: BE
QUESTION NO: 34
Where can you define a mitigating control? (Choose three.)
A. In the mitigating controls workset in Access Control
B. In the rule setup in Access Control
C. In the Access Control risk analysis result screen
D. In the central process hierarchy in Process Control
E. In the activity setup in Risk Management
Answer:ACD
QUESTION NO: 35
You have created a new end-user personalization (EUP) form. Where can you make use of this EUP form? (Choose two.)
A. In a stage configuration of a workflow
B. In an organizational assignment request
C. In a template-based request
D. In a model user request
Answer: AC
QUESTION NO: 36
Your customer has created a custom transaction code ZFB10N by copying transaction FB10 and implementing a user exit. How can you incorporate the customer enhancement into the global rule set so that it will be available for Risk Analysis?
A. Update security permissions in all relevant authorization objects, maintain the custom program name in all relevant
functions, and generate the access rules.
B. Update all relevant functions with ZFB10N, maintain the permission values for all relevant authorization objects, and
generate the access rules.
C. Update all relevant functions with ZFB10N, maintain the permission values in the relevant access risk, and generate theglobal rule set.
D. Update the relevant access risk with ZFB10N, maintain access rules in all relevant functions, and generate the global
rule set.
Answer: B
QUESTION NO: 37
What is the purpose of role mining?
A. To consolidate roles by taking actions after running comparisons.
B. To compare authorizations by merging roles during the back-end synchronization.
C. To consolidate authorizations by merging roles in one step.
D. To compare roles by running back-end synchronizations.
Answer: A
QUESTION NO: 38
Which of the following attributes are mandatory when creating business role definition details in Business Role Management? (Choose three.)
A. Functional Area
B. Company
C. Landscape
D. Project Release
E. Application Type
Answer: CDE
QUESTION NO: 39
What information is available in the audit trail log for access rules? (Choose two.)
A. Which terminal ID the change was made from
B. When the change was made
C. Who made the change
D. Who approved the change
Answer: BC
QUESTION NO: 40
For which purpose can you use organizational value mapping?
A. To maintain derived roles with organizational units
B. To group roles by organization
C. To maintain composite roles with organizational units
D. To group users by organization
Answer: A
QUESTION NO: 41
Which reviewers can you select using the Access Control configuration parameter 2006 (Who are the reviewers) for user access review (UAR)? (Choose two.)
A.MANAGER
B. ROLE OWNER
C. RISK OWNER
D. SECURITY LEAD
E. APPROVER
Answer: AB
QUESTION NO: 42
Which of the following are rule types used in MSMP workflow? (Choose three.)
A. Web Service rule
B. ABAP Class-Based rule
C. Function Module-Based rule
D. BRFplus rule
E. ABAP User Exit-Based rule
Answer: BCD
QUESTION NO: 43
How do you manually replicate initiators from a previous version of Access Control so they can be used in BRFplus and a MSMP workflow?
A. Create multiple initiator rules and assign them to a process ID containing different detour path
assignments.
B. Create an initiator rule and assign it to multiple process IDs.
C. Create multiple initiator rules and assign them to a process ID.
D. Create an initiator rule and assign it to a process ID.
Answer: D
QUESTION NO: 44
For what purpose can you use the Role Status attribute in Business Role Management?
A. To organize the authorization structure for your company.
B. To indicate that a role is relevant for a specific project.
C. To restrict the roles available for user access requests.
D. To define how essential a role might be for your company.
Answer: C
QUESTION NO: 45
What does an agent rule determine?
A. The workflow initiator to be executed
B. The workflow detour routing to be executed
C. The available variables to be used in notifications
D. The approves/recipients for the workflow
Answer: D
QUESTION NO: 46
Which indirect provisioning types are supported in user provisioning? (Choose three.)
A. Organization Type
B. Job
C. Position
D. Holder
E. User
Answer: ABC
QUESTION NO: 47
Which agent purposes are available in MSMP workflow? (Choose two.)
A. Approval
B. Notification
C. Forwarding
D. Routing
E. Rejection
Answer: AB
QUESTION NO: 48
Which of the following objects can you customize for MSMP workflows? (Choose two.)
A. Multiple initiator rule IDs for one process ID
B. Multiple paths for one process ID
C. Multiple agent IDs for one stage
D. Multiple notification templates for one process ID
Answer: BD
QUESTION NO: 49
Which of the following owner types must be assigned to a user to receive the notification that a log report has been generated as the result of a Firefighter session?
A. Mitigation approver
B. Firefighter ID owner
C. Firefighter ID controller
D. Firefighter role owner
Answer: C
QUESTION NO: 50
How are lines and columns linked in a BRFplus initiator decision table?
A. A column to a column through a logical OR
B. A column to a line through a logical OR
C. A column to a column through a logical AND
D. A line to a line through a logical AND
Answer: C
QUESTION NO: 51
You have set up your Firefighter IDs in the target system. Which of the following jobs do you have to run to synchronize these IDs and their role assignments with the Access Control system?
A. GRAC_SPM_WORKFLOW_SYNC
B. GRAC_REPOSITORY_OBJECT_SYNC
C. GRAC_SUPER_USER_MGMT_USER
D. GRAC_PFCG_AUTHORIZATION_SYNC
Answer: B