SAP C_GRCAC_13 SAP Certified Application Associate - SAP Access Control 12.0 Exam Practice Test

Answer : A, C, D

According to the SAP Blogs1, Business Role Management provides several capabilities for managing roles in SAP Access Control. Some of these capabilities are: Facilitate role creation at the function level (A), Align role definitions with business processes , and Standardize methodology for role assignment (D). These capabilities help to simplify and automate the role design and maintenance process. Therefore, A, C and D are the correct answers.B and E are not valid capabilities of Business Role Management, as they are related to other scenarios, such as Role Certification and Emergency Access Management. Reference:1https://blogs.sap.com/2019/03/14/sap-access-control-12-role-certification/

Answer : B, D

According to the SAP Blogs1, one of the methods to ensure that an update to the access risk rule set in the development system will be available for risk analysis in the production system is to download the access risk rules from the development system and upload them into the production system using GRAC_DOWNLOAD_RULES and GRAC_UPLOAD_RULES transactions. Therefore, D is a correct answer. Another method is to generate and insert the access risk rules into the corresponding tables in the production system using GRAC_GENERATE_RULES transaction. Therefore, B is also a correct answer.A and C are not valid activities for updating the access risk rule set, as they are related to connector configuration and transport management, respectively. Reference:1https://blogs.sap.com/2014/04/21/download-modify-and-upload-the-access-risk-analysis-rule-set-in-sap-access-control-10x/

Answer : B, C

According to the SAP Help Portal1, SAP Access Control supports a connector configuration for User Authentication Data Source data type IDM and User Detail Data Source data type SU01. These data types are used to retrieve user and authentication information from different sources such as SAP Identity Management (IDM) or SAP User Management (SU01).End User Verification SU01 is not a valid data type, and User Search Data Source data type HR is used to search for users in SAP Human Resources (HR) system, not to retrieve user and authentication information. Reference:1https://help.sap.com/docs/connectivity/sap-btp-connectivity-cf/configure-access-control-tcp?locale=en-us

Answer : A

According to the SAP wiki, you can use parameter configuration to control how many access requests can be active for a user and a system at the same time. Parameter configuration allows you to customize the SAP Access Control solution by setting various parameters and their values. For example, you can use parameter 4000 Maximum Number of Requests per User per System to limit the number of requests that a user can have for a system.

Answer : C, D

According to the SAP wiki, you need to define a subsequent connector in two scenarios: when all resources are not available on a specific connector and when you are defining a cross system risk. A subsequent connector is a connector that is used to perform additional checks or actions after the main connector has been processed. For example, if a role contains transactions from different systems, you need to define a subsequent connector for each system. If a risk involves transactions from different systems, you need to define a subsequent connector for each system.

Answer : A

According to the SAP wiki2, you need to assign PROV as the integration scenario to the target connector when you implement Access Request Management. PROV is an integration scenario that enables provisioning of roles and profiles to users in connected systems.

Answer : C

According to the SAP wiki1, GRAC_REPOSITORY_OBJECT_SYNC executes the following programs in this order: 1. Role Sync 2. Profile Sync 3. User Sync 4. Role Search Sync. Role Sync is a program that synchronizes roles from connected systems into the SAP Access Control repository. Profile Sync is a program that synchronizes profiles from connected systems into the SAP Access Control repository. User Sync is a program that synchronizes users from connected systems into the SAP Access Control repository. Role Search Sync is a program that synchronizes role search data from connected systems into the SAP Access Control repository.