SAP Certified Application Associate - SAP Access Control 12.0 C_GRCAC_13 Exam Questions

Answer : B, D

According to the SAP Help Portal, you can use end of each path and end of request as provisioning types with auto-provisioning. End of each path means that provisioning is triggered after each stage in a workflow path is completed, and end of request means that provisioning is triggered after all stages in all paths are completed.

Answer : A, C

According to the SAP Blogs2, Service Level Agreement (SLA) time frame options are settings that define how long a workflow task can remain open before it is escalated or expired. There are two types of SLA time frame options: Fixed by Date and Fixed by number of days. Fixed by Date means that the task must be completed by a specific date, such as December 31st. Fixed by number of days means that the task must be completed within a certain number of days after it is created, such as 10 days. Therefore, A and C are the correct answers.B and D are not valid SLA time frame options, as they are not supported by SAP Access Control. Reference:2https://blogs.sap.com/2019/03/14/sap-access-control-12-role-certification/

Answer : B, C, D

According to the SAP Press blog2, some of the available alert capabilities that can be configured in SAP Access Control are identifying a user who has executed conflicting functions, identifying a user who has executed a critical action and opening a support desk message, and identifying a user who has executed a critical action and generating an email notification. These alerts help to monitor and manage compliance by notifying the relevant parties about potential access risks or violations.

Answer : B, D

According to the SAP Press blog3, the data synchronized with GRAC_AUTH_SYNCH can be used to populate the Role Analysis Dashboard, which is a tool that provides an overview of roles and authorizations across connected systems. The data can also be used to populate authorization object text descriptions, which are labels that describe what an authorization object does or controls. The data cannot be used to define a new function or roles in Business Role Management, as these tasks require manual input or configuration.

Answer : B, D

According to the SAP Blogs1, SAP Fiori business catalogs are collections of apps that are organized by business roles or tasks. SAP Access Control delivers four business catalogs for different user groups: SAP_GRC_BC_COMSPL_T for Compliance Specialist, SAP_GRC_BC_CMPLNCMGR_T for Compliance Manager, SAP_GRC_BC_SCRTYMGR_T for Security Manager, and SAP_GRC_BC_AUDITOR_T for Auditor. Therefore, B and D are the correct answers.C is not a valid business catalog for SAP Access Control, and A is a business catalog for Security Manager, not Compliance Manager. Reference:1https://blogs.sap.com/2020/06/30/sap-fiori-solution-for-sap-access-control/

Answer : B

According to the SAP Help Portal, you need to activate GRAC_RA_RULESET_COMMON as a prerequisite for activating GRAC_RA_RULESET_S4HANA_FIORI. GRAC_RA_RULESET_COMMON contains common ruleset definitions that are used by other rulesets, such as GRAC_RA_RULESET_S4HANA_FIORI.

Answer : B, C, E

According to the SAP Help Portal, you can use a custom end-user personalization configuration for various purposes, such as assigning it to an access request template, determining roles that can be assigned on a request, and determining fields shown in a workflow item. Assigning it to an access request template means that you can customize the user interface and functionality of a specific template. Determining roles that can be assigned on a request means that you can restrict or allow certain roles based on criteria such as role type, role level, or role owner. Determining fields shown in a workflow item means that you can hide or display certain fields in the access request form.