Q: SAP's GRC solution embeds GRC into the way companies do business and into every
business process.
1. True
2. False
A: 1
Q: The unified compliance platform allows complete management of all risks and controls
from a single environment.
1. True
2. False
A: 1
Q: You can find access violations in Process Control and mitigate them with controls that
were documented and certified in Access Control.
A: False
Q: The information architecture leverages the same work centers and navigation across the
GRC solution rather than to completely separate the components.
A: True
Q: In which of the work centers below can you create and maintain organizations?
Choose the correct answers.
1. Setup
2. My Home
3. Rule Setup
4. Master Data
A: 1, 4
Q: Uncontrolled assignment of excessive authorizations can result in users being able to
initiate fraud.
A: True
Q: What is the purpose of the tasks performed during Phase Two of the SoD Risk
Management process (Analyzing, Remediating, and Mitigating Risk)?
Choose the correct answers.
1. Identify authorization risks in business processes
2. Build and validate rules
3. Provide business process analysts and owners with alternatives for correcting or
eliminating risks
4. Ensure ongoing compliance
A: 3
Q: Which of the following common components are shared with Process Control and Risk
Management?
Choose the correct answers.
1. Master Data
2. Workflow
3. Role Mining
4. Superuser Access Management
5. Reports and Dashboards
A: 1,2,5
Q: Which of the following statements are true about the GRC 10.0 Architecture and
landscape?
Choose the correct answers.
1. Access Control, Process Control and Risk Management are contained in one ABAP add-on
called GRCFND_A
2. Access Control, Process Control and Risk Management are contained in three ABAP add-
ons called GRCFND_A, GRCFND_R, and GRCFND_P
3. Content Lifecycle Management (CLM) contains functions for transporting GRC business
data, for example AC Rules or PC Controls
4. GRC configuration/customizing is transported using the standard ABAP transport System
A: 1,3,4
Q: If you use Access Control 10.0 with other GRC solutions, you can leverage this
functionality to: Choose the correct answers.
1. Manage PFCG roles used with GRC
2. Create Process Control or Risk Management users
3. Assign GRC PFCG roles to users
4. Perform SoD analysis for PFCG role authorizations
5. Perform SoD analysis for entity-level authorization
A: 1,2,3,4
Q: RFC is an interface for communication between SAP client and server to external
programs and data and can enable function calls to SAP systems or external systems.
Choose the correct answers.
1. True
2. False
A: 1
Q: Creating connectors is a Customizing activity that allows you to create Remote Function
Call (RFC) destinations.
A: True
Q: In Business Role Management, which of the following actions are associated with the four
phases for which you need to assign a connector?
Choose the correct answers.
1. Role Generation
2. Role Risk Analysis
3. Authorization Maintenance
4. Provisioning
5. Superuser Designation
6. HR Triggers
A: 1,2,3,4,6
Q: Business processes and subprocesses are attributes that you can assign to specific roles.
A: True
Q: Which of the following statements are true about BRFplus rule types? Choose the correct
answers.
1. BRFplus rules can evaluate a request, including individual line items, but the request will
stay intact as a whole
2. BRFplus rules can evaluate a request, but not the individual line items, and the request will
stay intact as a whole
3. BRFplus Flat Rules can evaluate individual line items, but cannot direct each line individually
4. BRFplus Flat Rules can evaluate individual line items and can direct each line individually
A: 1,4
Q: There can only be one of these rules for each Process ID in MSMP configuration. Choose
the correct answers.
1. Initiator Rule
2. Agent Rule
3. Routing Rule
4. Service Level Agreements Rule
A: 1
Q: To begin setting up a workflow-related MSMP rule, first create the decision table and
then create the BRFplus objects.
A: False
Q: It is recommended to generate each BRFplus Rule ID (Function) to its own unique BRFplus
application.
A: True
Q: The Business Rules Framework is defined in the IMG, using the BRFplus Workbench.
A: True
Q: The Top Expression is the framework for the rule conditions and result.
A: True
Q: Which of the following are maintained in the Process Global Settings activities?
Choose the correct answers.
1. Identify paths and stages for the Process ID
2. Selection of the Process ID
3. Submission and closing notifications
4. Escape routes for the specific Process ID
A: 2,3,4
Q: Although the work areas for customizing MSMP workflow are numbered, they do not
need to be performed in sequential order.
A: True
Q: You must select a Process ID in the Process Global Settings work area before moving to
a related work area.
A: True
Q: What is the term for the methods used to determine the rules?
Choose the correct answers.
1. ABAP Programs
2. Function Modules
3. BRFplus Flat Rules
4. Rule Types
A: 4
Q: Rules determine results that are to be utilized during the execution of the workflow.
A: True
Q: If you select the Agent Type PFCG Roles, this means that all users who have the PFCG
role in their user buffer will be the agent.
A: True
Q: Which of the following statements are true about maintaining Notification Variables and
Templates?
Choose the correct answers.
1. Maintain templates by choosing work area 4: Variables & Templates
2. Add a notification template by executing transaction SE61
3. Maintain message variables in work area 4: Variables & Templates
4. The document class for notification templates is Special Text
A: 3
Q: Work Area 5: Maintain Paths includes configuration settings for which of the following?
Choose the correct answers.
1. Maintaining Paths for a Process ID
2. Maintaining Stages for a path
3. Specifying Escape Routes
4. Maintaining Agent IDs
5. Maintaining Recipient IDs
A: 1,2,3
Q: Generating workflow versions enables the ability to change the workflow configuration
while there are other active running paths.
A: True
Q: You can activate the new workflow version even if there are warnings in the log file.
A: True
Q: From which Access Control work center can you view the organization hierarchy?
A: Setup
Q: Mitigating controls are stored in separate locations for Access Control, Process Control,
and Risk Management.
A: False
Q: Which of the following are ways to create a mitigating control within GRC 10.0?
Choose the correct answers.
1. Directly within Access Control
2. When you execute a User Risk Analysis
3. From the User Risk Analysis result view
4. From Process Control within Business Processes
5. From Process Control within Rule Setup
A: 1,3,4
Q: When uploading SoD rules, you must append and not overwrite existing data.
A: False
Q: Which of the following parameter groups are configured for Analyze and Manage Risk?
Choose the correct answers.
1. Change Log
2. Mitigation
3. Risk Analysis
4. Workflow
5. Superuser Management
A: 1,2,3,4
Q: Which of the following are allowable actions when managing SoD rules?
Choose the correct answers.
1. Generate SoD rules
2. Delete SoD rules
3. Segregate SoD rules
4. Transport SoD rules
A: 1,2,4
Q: Functions are the building blocks for risks, so any changes in functions will have a direct
effect on the access rule set.
A: True
Q: The addition of new functions or changes to existing functions must use the standard
workflow for approvals.
A: False
Q: In a report, you can drill down on functions to see the user ID of the user who modified
a risk.
A: True
Q: With system-specific mitigation, if User 1 is mitigated for Risk A in three systems, then
User 2 must be mitigated for Risk A in the same three systems.
A: False
Q: A wild card (*) in the System field means that the mitigation assignment applies to all
systems.
A: True
Q: The purpose of EAM is to allow users to take responsibility for tasks outside their normal
job function by allowing temporary broad, but regulated, access.
A: True
Q: Before firefighters can do centralized firefighting, EAM must be configured in the IMG
with an Application Type of 1 for Parameter 4000.
A: True
Q: In which order must the following steps be performed to configure a Firefighter ID?
Match items from 1st column to the corresponding item in 2nd column.
A. Create Reason Codes
B. Maintain Access Control Owners
C. Assign a Firefighter ID to Controllers and Firefighters
D. Assign an owner to a Firefighter ID
A: B D C A
Q: The assignment for all systems to which the ID/role has access is done from the Setup
work center.
A: True
Q: One reason code can be created and assigned to multiple client systems.
A: True
Q: A plug-in handles the procedure for getting data from the client system by fetching the
data and then filtering it into a readable format.
A: True
Q: Log Collector fetches data from the remote client system.
A: True
Q: Log reports can be launched under Superuser Management Reports in the Reports and
Analytics work center, as well as from the Consolidated Log Report.
A: True
Q: Which of the following statements are true about Role Management?
Choose the correct answers.
1. Role attributes are details that define a role during the role definition and creation
process
2. During configuration, you determine values for each attribute
3. During configuration, you assign role attributes to new roles
4. During role creation, you assign the attributes you configured in the IMG
5. During role creation, you determine values for each attribute
A: 1,2,4
Q: You must define required attributes, but not the methodology steps, before defining a
role methodology process.
A: False
Q: Naming conventions are specific to a system landscape and role type.
A: True
Q: Which of the following statements about Organizational Value Mapping are true?
Choose the correct answers.
1. Organizational Value Mapping allows you to restrict user access by organizational area
2. You can only create an organizational value map for one organizational area at a time
3. You must always create an organizational value map with a primary organizational level
and value
4. Business Role Management uses the primary organizational level to store and search for
the organizational value
A: 1,3,4
Q: In what order should you perform the following steps to set up Role Methodology?
Match items from 1st column to the corresponding item in 2nd column.
A. Assign Condition Group Type to BRFplus Application and Function
B. Define Role Methodology Process and Steps
C. Create BRFplus rule
D. Associate Role Methodology Process to Condition Group
A: C A B D
Q: The Application name and BRFplus Function name values must be entered manually in
the Assign Condition Group to BRFplus Rules configuration.
A: True
Q: The Condition Group Type is assigned in the front end of the Access Control application.
A: False
Q: Which of the following statements are true with respect to Defining Role Methodology
and Steps?
Choose the correct answers.
1. Actions are fixed.
2. When a new step is created, it does not need to be associated with a pre-defined action.
3. The phase is the label that will be displayed when a role is created.
4. Process steps must be associated to the methodology process.
A: 1,3,4
Q: Which of the following statements are true about associating a role methodology process
to a condition group?
Choose the correct answers.
1. The condition groups should not be tied to the BRFplus rule.
2. The condition groups must be associated with the BRFplus rule.
3. When the BRFplus rule evaluates to TRUE, then the condition group that is mapped to the
rule will be used.
4. When the BRFplus rule evaluates to TRU01, then the condition group that is mapped to the
rule will be used.
A: 2,3
Q: Which of the following statements are true about technical role definition?
Choose the correct answers.
1. Defining attributes like Business Process and Subprocess is a prerequisite to role definition
2. "Go to Phase" allows users to jump to a specific step in the methodology
3. The Provisioning Allowed flag allows the role to be provisioned through access request
4. To derive a role, organization levels must be set and assigned to the master role
Q: You can map roles to a single role and then provision them all together.
A: True
Q: Which of the following statements are true about CUA Composite Roles?
Choose the correct answers.
1. CUA Composite roles can be imported into Access Control using Mass Import
2. Users cannot execute risk analysis for these roles
3. You can change and derive a CUA Composite role
4. The CUA Composite roles defined in Role Management can be provisioned through
Access Control User Provisioning
A: 1,4
Q: Role authorizations are maintained in the front end using the PFCG application.
A: False
Q: Before creating a business role, a role methodology and workflow approval must be
created and configured, if these are to be enforced.
A: True
Q: Transaction usage reports allow administrators to identify roles for review and removal.
A: True
Q: Which of the following statements are true about role certification?
Choose the correct answers.
1. Enables a one-time review of role content
2. The Role Approver certifies the role on a periodic basis
3. E-mail reminders are sent based on the certification period
4. Role Certification can be tracked for audit purposes
A: 3,4
Q: Role Certification attributes are defined in the Properties section of the Role
Maintenance Details screen.
A: True
Q: Which of the following statements are true about Role Mass Maintenance?
Choose the correct answers.
1. Mass Role Derivation allows users to derive many roles at once
2. Mass Role Derivation allows users to update organization values for derived roles
3. Mass Role Import allows roles to be imported directly from the back end.
4. Mass Role Update allows users to update role attributes for many roles at one time
A: 2,3,4
Q: Only one authorization object can be updated during each mass update, but all the field
values can be updated together.
A: True
Q: You can create access requests for user access and organizational assignments.
A: True
Q: You can create access accounts and assignments for single users, but not for multiple
users.
A: False
Q: You cannot use custom field values when creating a request from a template.
A: False
Q: Once the attributes you chose are copied to the request, you can no longer add more
assignments to the request.
A: False
Q: Which of the following assignments can be made during Organizational Assignment?
Choose the correct answers.
1. Job
2. Position
3. Default Role
4. Organizational Unit
A: 1,2,4
Q: Which of the following statements are true about access approval requests?
Choose the correct answers.
1. An access request triggers a pre-defined workflow
2. Depending on the configuration, requestors can modify the workflow path
3. The access request must be provisioned before sign-off at each stage
4. Approvers can be specifically named, or open-ended based on job role
A: 1,4
Q: The Request Approval User Interface behaves according to the stage setting selected by
an administrator while configuring the workflow.
A: True
Q: All workflow stages are configured together and share the same configuration settings.
A: False
Q: The visibility of buttons in the Approver's Work Inbox UI is determined by the BC set.
A: False
Q: Before you can assign reviewer coordinator mapping, you must set a request type and
priority for User Access Review Requests in configuration and set Admin Review Required
to YES.
A: True
Q: Where can you find the access requests that you are supposed to review? Choose the
correct answers.
1. In the Access Management work center
2. In the Master Data work center
3. In the My Home work center
4. In the Reports and Analytics work center
A: 3
Q: How do you remove a role during a review?
Choose the correct answers.
1. Choose Propose Removal
2. Choose Actual Removal
3. Choose Mitigate the Risk
4. You cannot remove a role during a review
A: 2
Q: Put the following steps related to creating custom fields in the correct sequence.
Match items from 1st column to the corresponding item in 2nd column.
A. Create a data type
B. Create the custom fields
C. Assign custom fields to access requests and roles
D. Create a domain
A: D A B C
Q: During the Run phase, you assess operation standards in order to optimize solution
operation and system performance.
A: True