C_GRCAC_12 – SAP Certified Application Associate – SAP Access Control 12.0 (52 Questions)
Category: SAP Certification Questions and Answers Posted:Nov 15, 2022 By: Ashley MorrisonThe “SAP Certified Application Associate – SAP Access Control 12.0” certification exam for the essentials edition certifies that the applicant possesses the fundamental understanding of SAP Governance, Risk and Compliance needed for the consultant profile. With an emphasis on SAP Governance, Risk, and Compliance in a mentored capacity, this certification demonstrates that the applicant has a comprehensive understanding and in-depth technical abilities to participate as a member of a SAP Access Control installation project team. The recommended qualification for entry-level employment is this certification exam.
Topic Areas
C_GRCAC_12 – SAP Certified Application Associate – SAP Access Control 12.0 exam covers the following topics:
GRC Configuration Settings | > 12% |
MSMP Workflow | > 12% |
User Provisioning | > 12% |
Access Risk Management | > 12% |
Emergency Access Management | 8% – 12% |
Integration Framework | 8% – 12% |
Business Role Management | 8% – 12% |
Business Rule Framework | 8% – 12% |
Periodic Review | < 8% |
Get any SAP video course – https://zarantech.teachable.com/courses/category/sap
Exam details:
Total Number of Questions | 80 |
Cut Score | 61% |
Duration | 180 minutes |
Languages | English |
Here is the List of MCQ’s (Multiple Choice Questions): (The correct answers are mentioned with *)
1. Which of the following are benefits of the role methodology in Business Role Management? Note: There are 2 correct answers to this question.
a. Is always the same for all roles
b. Enforce a process flow for role maintenance correct*
c. Allows for the documentation of the role correct*
d. Enforce a process flow for role assignment
2. You want to generate an MSMP rule for MSMP Process ID SAP_GRAC_ACCESS_REQUEST. Which type of rule can you generate? Note: There are 2 correct answers to this question
a. Business Rule
b. ABAP Class Rule correct*
c. Escalation Rule
d. BRFplus Flat Rule correct*
3. You want to restrict a user by specific organizational levels by creating a derived role. How would you complete this task using Business Role Management?
a. Assign an organization
b. Assign a functional area
c. Assign a business process
d. Assign an organizational value map correct*
4. Which of the following activities can you do in Emergency Access Management (EAM)? Note: There are 2 correct answers to this question.
a. Log on to the Firefighter ID directly with a password
b. Maintain EAM master data in the back-end system
c. Display a log file of performed activities correct*
d. Perform tasks outside of the normal responsibilities correct*
5. Which of the following represent a valid Rule Kind when configuring MSMP Workflow? Note: There are 2 correct answers to this question.
a. Agent correct*
b. ABAP Class
c. Notification Variable correct*
d. BRFplus
6. You are updating the configuration of a stage detail during maintenance of your MSMP Workflow configuration. You want to apply the updated configuration to both new and existing requests that are to be processed at the specified stage. Which configuration setting allows you to do this?
a. RT Config Change OK correct*
b. All Roles in Request (Re-evaluate)
c. Reroute
d. Display Review Screen
7. You have created a BRFplus Initiator Rule. Which of the following must be active in BRFplus for MSMP Workflow to utilize your new rule? Note: There are 2 correct answers to this question.
a. Path
b. Process ID
c. Function correct*
d. Application correct*
8. Risk Terminator provides the capability to execute a user level risk analysis for which of the following tools? Note: There are 2 correct answers to this question.
a. SCUA
b. PA30
c. SU01 correct*
d. PFCG correct*
9. Which of the following Business Configuration (BC) sets configure a connector group in SAP Access Control? Note: There are 3 correct answers to this question
a. GRAC_ACCESS_REQUEST_APPL_MAPPING
b. GRAC_RA_RULESET_BASIS
c. GRAC_RA_RULESET_COMMON correct*
d. GRAC_ROLE_MGMT_LANDSCAPE correct*
e. GRAC_RA_RULESET_PSOFT correct*
10. Which of the following solutions are installed with SAP GRC 12.0? Note: There are 3 correct answers to this question.
a. SAP Nota Fiscal Electronica
b. SAP Access Control correct*
c. SAP Global Trade Services
d. SAP Process Control correct*
e. SAP Risk Management correct*
Get any SAP video course – https://zarantech.teachable.com/courses/category/sap
11. Which of the following tasks can you complete using the Role Certification process? Note: There are 2 correct answers to this question.
a. Provide audit trail for role review correct*
b. Periodic review of user’s role assignment
c. Periodic review of role content correct*
d. Periodic review of user segregation of duties
12. Which of the following are possible ways to assign emergency access in Emergency Access Management? Note: There are 2 correct answers to this question.
a. Assign a Firefighter ID to a firefighter owner in SAP Access Control
b. Assign a Firefighter ID to a firefighter in SAP Access Control correct*
c. Assign a Firefighter role to a firefighter in SAP Access Control
d. Assign a Firefighter role to a firefighter in a target system correct*
13. You are defining a custom document object for a Custom Notification Message in MSMP Workflow. What is the correct Document Class?
a. General Text correct*
b. Alert Description
c. Dialog Text
d. Modification Text
14. Which of the following items are mandatory for creating an access request template? Note: There are 2 correct answers to this question.
a. End user personalization correct*
b. Template description
c. Request type correct*
d. Request description
15. Which of the following are functions of the SAP Access Control Solution? Note: There are 3 correct answers to this question.
a. Compliance Certification Sign-Off
b. Privilege Monitoring correct*
c. Risk Response
d. Role Provisioning correct*
e. Risk Analysis correct*
16. Which of the following are features of a business role in SAP Access Control? Note: There are 2 correct answers to this question.
a. They can be viewed in transaction PFCG
b. They are provisioned on target systems
c. They represent a job function correct*
d. They contain one or more technical roles correct*
17. Which of the following logs can be collected for an Emergency Access Management session? Note: There are 3 correct answers to this question.
a. Audit log correct*
b. System log correct*
c. Change log correct*
d. GRC Audit log
e. Application log
18. For which of the following objects can you create an access request? Note: There are 3 correct answers to this question.
a. User correct*
b. Job correct*
c. Division
d. Department
e. Organizational Unit correct*
19. You want to use the User Analysis Dashboard to evaluate Segregation of Duties violations after your most recent batch risk analysis has completed. However, when reviewing the data you realize that the dashboard does not display all of your current users. What do you need do to correct the problem?
a. Execute the Repository Object Sync and then re-execute the user level batch risk analysis. Correct*
b. Execute the Authorization Synch and then re-execute the user level batch risk analysis.
c. Execute the Action Usage Sync followed by the Role Usage Sync and then re-execute the user level batch risk analysis.
d. Execute the user level batch risk analysis again and remove any exclude objects.
20. Which of the following reviewer options does SoD Review support?
a. Manager and Role Owner
b. Manager or Role Owner correct*
c. Manager and Risk Owner
d. Manager or Risk Owner
21. How can you make sure that a risk analysis is performed when you use access request management? Note: There are 2 correct answers to this question
a. Set Enable Offline Risk Analysis parameter to Yes
b. Configure the MSMP workflow stage to require a risk analysis correct*
c. Configure the MSMP workflow path to require a risk analysis
d. Set the Enable Risk Analysis Form on Submission parameter to Yes correct*
22. SAP delivers multiple MSMP Process IDs. You want to implement an MSMP Workflow that targets your SAP S/4HANAsystem. Which BC set do you need to activate as a prerequisite?
a. BC Set GRAC_ROLE_MGMT_LANDSCAPE
b. BC Set GRC_MSMP_CONFIGURATION
c. BC Set GRAC_DT_REQUEST_DISPLAY_SECTIONS
d. BC Set GRAC_RA_RULESET_S4HANA_CORE correct*
23. Why might you integrate Business Role Management with Business Rules Framework? Note: There are 2 correct answers to this question.
a. Determine role owner correct*
b. Determine role methodology correct*
c. Determine role business area
d. Determine role naming convention
24. Which of the following are standard delivered SAP Fiori business catalogs for SAP Access Control? Note: There are 2 correct answers to this question.
a. Access Control Employee correct*
b. Risk Manager
c. Compliance Specialist
d. Compliance Owner correct*
25. You want approver authentication when approving an access request. Which MSMP Workflow stage configuration option can you use?
a. Confirm Approval
b. Approve Despite Risk
c. Approve by Email
d. Reaffirm Approval correct*
26. You are maintaining an initiator rule in MSMP Workflow. Which of the following must you specify?
a. Rule Result correct*
b. Notification Variables
c. Rule Purpose
d. Global Process Initiator
27. You have created a BRFplus Initiator Rule for MSMP Process ID SAP_GRAC_ACCESS_REQUEST using transaction GRFNMW_DEV_RULES but the Decision Table did not get created. Where do you go to manually create a Top Expression for your rule?
a. Business Rule
b. Function
c. Data Object correct*
d. Application
28. You wish to synchronize data from transaction SU24 in the SAP S/4HANA production system into SAP Access Control for use in building a rule set. What is the correct synchronization job schedule for completing this task?
a. It is not possible to synchronize SU24 data from a production system
b. Repository Object Sync followed by an Action Usage Sync
c. Action Usage Sync followed by Role Usage Sync
d. Authorization Sync correct*
29. Which of the following are required to enable Centralized Emergency Access Management (EAM)? Note: There are 2 correct answers to this question.
a. Set the Application Type parameter for Emergency Access Management to value ID in the target system UGRC plug-in correct *
b. Set the Application Type parameter for Emergency Access Management to value ID in SAP Access Control correct *
c. Set the Enable Decentralized Firefighting parameter for Emergency Access Management to YES
d. Set the Enable Decentralized Firefighting parameter for Emergency Access Management to NO
30. What can you use a custom end-user personalization configuration for? Note: There are 3 correct answers to this question.
a. To assign it to the standard access request correct*
b. To assign it to an access request template correct*
c. To restrict a user’s ability to approve their own requests
d. To determine fields shown in a workflow item correct*
e. To determine roles that can be assigned on a request
Join SAP Learner Community on LinkedIn – https://www.linkedin.com/showcase/sap-learner-community
31. A Firefighter ID can be assigned to a firefighter using which of the following methods?
a. By assigning access using an access request correct*
b. By maintaining the assignment in the Governance, Risk and Compliance plug-in on SAP Access Control
c. By assigning a Firefighter Role to the user on the target system
d. By maintaining the assignment in the Governance, Risk and Compliance plug-in on the target system
32. You want to configure your MSMP Workflow stage definition to ensure that a workflow request that has NOT been processed after a certain period of time can be escalated and approved by another approver
Which of the following options can you use to configure escalation? Note: There are 3 correct answers to this question.
a. Define an Alternate Approver
b. Skip to Next Stage correct*
c. Maintain Fallback Receiver correct*
d. Escalate to Specified Agent correct*
e. Use Defaults
33. You are performing an on demand risk analysis at the user level. Which report view can you use to apply a control and remove access?
a. Remediation view*
b. Technical view
c. Business view
d. Detail view
34. Which of the following jobs are a prerequisite for scheduling a User Access Review (UAR)? Note: There are 3 correct answers to this question.
a. Action Usage Sync*
b. Role Comparison
c. Authorization Sync
d. Role Usage Sync*
e. User/Role/Profile sync *
35. You want to configure your MSMP Workflow stage definition to ensure that a workflow request that has NOT been processed after a certain period of time can be escalated and approved by another approver. Which of the following options can you use to configure escalation? Note: There are 3 correct answers to this question.
a. Escalate to Specified Agent*
b. Use Defaults
c. Define an Alternate Approver
d. Skip to Next Stage*
e. Maintain Fallback Receiver *
36. How can you ensure that a coordinator has the opportunity to review UAR request assignments?
a. Set the Admin review required before sending tasks to reviewers parameter for UAR to YES*
b. Schedule the Generate new request for UAR rejected request job
c. Maintain the GRAC_COORDINATOR agent at the approval stage in MSMP Process ID SAP_GRAC_USER_ACCESS_REVIEW
d. Set the Who are the reviewers? parameter for UAR to COORDINATOR
37. Risk Terminator provides the capability to execute a user level risk analysis for which of the following tools? Note: There are 2 correct answers to this question.
a. SCUA
b. PA30
c. SU01*
d. PFCG*
38. Which of the following rule sets are delivered standard in SAP Access Control 12.0? Note: There are 3 correct answers to this question.
a. GRAC_RA_RULESET_JDE*
b. GRAC_RA_RULESET_S4HANA_ALL*
c. GRAC_RA_RULESET_S4HANA_NWBC
d. GRAC_RA_RULESET_COMMON*
e. GRAC_RA_RULESET_JAVA
39. Which of the following must be specified when defining a mitigating control? Note: There are 2 correct answers to this question.
a. Organization*
b. Risk Approver
c. Report
d. Mitigation Monitor *
40. You are maintaining the Mapping for Actions and Connector Groups activity in Customizing. Which of the following events should be mapped to the target development system as default when using Business Role Management? Note: There are 2 correct answers to this question.
a. Role Risk Analysis
b. Authorization Maintenance*
c. Role Generation
d. Provisioning *
Join SAP Learner Community on LinkedIn – https://www.linkedin.com/showcase/sap-learner-community
41. You want to create a role in SAP Access Control. Which of the following attributes are mandatory? Note: There are 3 correct answers to this question.
a. Business Process*
b. Role methodology
c. Project release*
d. Workflow approval path
e. Naming convention*
42. You want to configure your MSMP Workflow stage definition to ensure that a workflow request that has NOT been processed after a certain period of time can be escalated and approved by another approver. Which of the following options can you use to configure escalation? Note: There are 3 correct answers to this question.
a. Define an Alternate Approver
b. Skip to Next Stage*
c. Maintain Fallback Receiver*
d. Escalate to Specified Agent*
e. Use Defaults
43. You are defining connector settings for the connector between your SAP Access Control system and your SAP S/4HANA system. Which of the following integration scenarios should you configure? Note: There are 2 correct answers to this question.
a. AM
b. S4HANA
c. PROV*
d. SUPMG*
44. You want to use Access Request Management to provision access in a target system.
Which of the following actions are required before access can be provisioned using an access request? Note: There are 2 correct answers to this question.
a. Import role definitions in Business Role Management
b. Maintain System Provisioning Configuration*
c. Maintain Global Provisioning Configuration*
d. Maintain custom End User Personalization settings
45. You want to configure an approval workflow to require an approval for updates to a defined function. How do you enable this capability?
a. Flag the function for approval
b. Set the 1064 Function Maintenance parameter to YES*
c. Configure the GRAC_FUNCTION_APPROVER agent
d. Activate the SAP_GRAC_FUNC_APPR MSMP Process ID
46. SAP developed a three phase, six step SoD Risk Management Process for use when implementing Access Risk Analysis. Which of the following steps are a part of this process? Note: There are 3 correct answers to this question.
a. Risk Recognition*
b. Mitigation*
c. Analysis*
d. Role Building and Analysis
e. Rule Set Design
47. Which of the following are standard delivered SAP Fiori business catalogs for SAP Access Control? Note: There are 2 correct answers to this question.
a. Access Control Employee*
b. Risk Manager
c. Compliance Specialist
d. Compliance Owner *
48. You want to enable a maintenance workflow approval process for changes to the Access Risk Analysis environment. For which of the following can you enable an approval workflow? Note: There are 2 correct answers to this question.
a. Rule Set
b. Function*
c. Mitigating Control*
d. SOD Rule
49. You want to create a transportable BRFplus Routing Rule for MSMP Process ID SAP_GRAC_ACCESS_REQUEST using transaction GRFNMW_DEV_RULES. What must be done in order for your rule to be transportable?
a. You must assign a package to the Application after you generate the rule.
b. You must assign a package to the Function after you generate the rule.
c. You must assign a package to the Application before you generate the rule.*
d. You must assign a package to the Function before you generate the rule
50. Which of the following conditions can you use to configure an escape route in MSMP Workflow? Note: There are 2 correct answers to this question.
a. No Role Owner
b. SOD Violation
c. Approver Not Found*
d. Auto Provisioning Failure *
51. How can you make sure that a risk analysis is performed when you use access request management? Note: There are 2 correct answers to this question
a. Set Enable Offline Risk Analysis parameter to Yes
b. Configure the MSMP workflow stage to require a risk analysis*
c. Configure the MSMP workflow path to require a risk analysis
d. Set the Enable Risk Analysis Form on Submission parameter to Yes *
52. Which of the following tasks can you complete using the Role Certification process? Note: There are 2 correct answers to this question.
a. Provide audit trail for role review*
b. Periodic review of user’s role assignment
c. Periodic review of role content*
d. Periodic review of user segregation of duties
Hope these MCQ’s will help you with your SAP certification.
Good Luck!!
Get any SAP video course – https://zarantech.teachable.com/courses/category/sap
Join SAP Learner Community on LinkedIn – https://www.linkedin.com/showcase/sap-learner-community
Visit our website – https://wwwzarantech.com
Keep learning & innovating!
Here is some other SAP Certification MCQ’s for your reference: