SAP C_GRCAC_13 Exam Practice Test Instant Access

Question 1

Where can you use a custom field in SAP Access Control? Note: There are 2 correct answers to this question.

ASimplified Access Request

BEnd User Personalization

CControl Definition

DAgent Rule

Answer : B, D

According to the SAP Press blog3, the data synchronized with GRAC_AUTH_SYNCH can be used to populate the Role Analysis Dashboard, which is a tool that provides an overview of roles and authorizations across connected systems. The data can also be used to populate authorization object text descriptions, which are labels that describe what an authorization object does or controls. The data cannot be used to define a new function or roles in Business Role Management, as these tasks require manual input or configuration.

Question 2

You are maintaining the Mapping for Actions and Connector Groups activity in Customizing. Which of the following events should be mapped to the target development system as default when using Business Role Management? Note: There are 2 correct answers to this question.

AAuthorization Maintenance

BProvisioning

CRole Generation

DRole Risk Analysis

Answer : B, C

According to the SAP Help Portal1, you need to map provisioning and role generation events to the target development system as default when using Business Role Management. Provisioning is the process of assigning roles and authorizations to users in the target system, and role generation is the process of creating technical roles based on business roles in the target system. Authorization maintenance and role risk analysis are not events that need to be mapped in Customizing, but functions that can be performed in Access Request Management.

Question 3

You are using the End User Login Page link configured in SAP Access Control. What options are provided for you to use ?Note: There are 3 correct answers to this question.

ASubmit a Template Request

BRegister Security Questions

CReview role assignments

DCreate a Simplified Access Request

ESpecify Approver Delegation

Answer : B, D, E

According to the SAP Help Portal, you can use the End User Login Page link configured in SAP Access Control to register security questions, create a simplified access request, and specify approver delegation. Security questions are used to verify your identity when you reset your password, simplified access request is a streamlined user interface for requesting access, and approver delegation is a feature that allows you to delegate your approval tasks to another user.

Question 4

Business Role Management provides which of the following standard reports? Note: There are 3 correct answers to this question.

AEmbedded Action Calls in Programs of SAP System

BTransactions Executable for User

CUser by Logon Date and Password Change

DPFCG Change History

ERole Relationship with User/User Group

Answer : A, D, E

According to the SAP Help Portal, Business Role Management provides three standard reports: Embedded Action Calls in Programs of SAP System, PFCG Change History, and Role Relationship with User/User Group. Embedded Action Calls in Programs of SAP System report shows which programs contain calls to actions that are assigned to business roles. PFCG Change History report shows changes made to technical roles in PFCG. Role Relationship with User/User Group report shows which users or user groups are assigned to business roles.

Question 5

You want to configure your MSMP Workflow stage definition to ensure that a workflow request that has NOT been processed after a certain period of time can be escalated and approved by another approver. Which of the following options can you use to configure escalation? Note: There are 3 correct answers to this question.

AMaintain Fallback Receiver

BUse Defaults

CEscalate to Specified Agent

DDefine an Alternate Approver

ESkip to Next Stage

Answer : A, C, E

According to the SAP blog1, you can use maintain fallback receiver, escalate to specified agent, and skip to next stage as options to configure escalation. Maintain fallback receiver means that the workflow item is forwarded to a predefined user if no agent is found or if the agent does not respond within a specified time. Escalate to specified agent means that the workflow item is forwarded to another user or role based on a BRFplus rule. Skip to next stage means that the workflow item is moved to the next stage in the path based on a BRFplus rule.

Question 6

Which of the following are prerequisites for scheduling a Role Usage Sync in SAP Access Control? Note: There are 2 correct answers to this question.

AGRCPIERP plug-in has been deployed on target system.

BAn action usage sync has been completed.

CAn authorization sync has been completed.

DGRCPINW plug-in has been deployed on target system.

Answer : A, C

According to the SAP Help Portal, you need to deploy the GRCPIERP plug-in on the target system and execute an authorization sync before you schedule a role usage sync in SAP Access Control. The GRCPIERP plug-in enables the communication between the target system and the SAP Access Control system. The authorization sync synchronizes the PFCG master data (SU24 values) from the target system.

Question 7

You have configured a workflow to require an approval for updates to a function that is contained within a delivered SAP risk. What else must you do enable the approval process?

AActivate the SAP GRAC_FUNC_APPR MSMP Process ID.

BSet the 1064 Function Maintenance parameter to YES.

CActivate the SAP GRAC_RISK_APPR MSMP Process ID.

Answer : B

According to the SAP wiki, you need to set the 1064 Function Maintenance parameter to YES to enable the approval process for updates to a function that is contained within a delivered SAP risk. This parameter controls whether function maintenance requires approval or not.

SAP C_GRCAC_13 SAP Certified Application Associate - SAP Access Control 12.0 Exam Practice Test