Free Practice Questions for SAP C_GRCAC_13 Exam

Answer : C, D

According to the SAP wiki, you need to define a subsequent connector in two scenarios: when all resources are not available on a specific connector and when you are defining a cross system risk. A subsequent connector is a connector that is used to perform additional checks or actions after the main connector has been processed. For example, if a role contains transactions from different systems, you need to define a subsequent connector for each system. If a risk involves transactions from different systems, you need to define a subsequent connector for each system.

Answer : A

According to the SAP wiki, you can use parameter configuration to control how many access requests can be active for a user and a system at the same time. Parameter configuration allows you to customize the SAP Access Control solution by setting various parameters and their values. For example, you can use parameter 4000 Maximum Number of Requests per User per System to limit the number of requests that a user can have for a system.

Answer : B, C

According to the SAP Help Portal1, SAP Access Control supports a connector configuration for User Authentication Data Source data type IDM and User Detail Data Source data type SU01. These data types are used to retrieve user and authentication information from different sources such as SAP Identity Management (IDM) or SAP User Management (SU01).End User Verification SU01 is not a valid data type, and User Search Data Source data type HR is used to search for users in SAP Human Resources (HR) system, not to retrieve user and authentication information. Reference:1https://help.sap.com/docs/connectivity/sap-btp-connectivity-cf/configure-access-control-tcp?locale=en-us

Answer : B, D

According to the SAP Blogs1, one of the methods to ensure that an update to the access risk rule set in the development system will be available for risk analysis in the production system is to download the access risk rules from the development system and upload them into the production system using GRAC_DOWNLOAD_RULES and GRAC_UPLOAD_RULES transactions. Therefore, D is a correct answer. Another method is to generate and insert the access risk rules into the corresponding tables in the production system using GRAC_GENERATE_RULES transaction. Therefore, B is also a correct answer.A and C are not valid activities for updating the access risk rule set, as they are related to connector configuration and transport management, respectively. Reference:1https://blogs.sap.com/2014/04/21/download-modify-and-upload-the-access-risk-analysis-rule-set-in-sap-access-control-10x/

Answer : A, C, D

According to the SAP Blogs1, Business Role Management provides several capabilities for managing roles in SAP Access Control. Some of these capabilities are: Facilitate role creation at the function level (A), Align role definitions with business processes , and Standardize methodology for role assignment (D). These capabilities help to simplify and automate the role design and maintenance process. Therefore, A, C and D are the correct answers.B and E are not valid capabilities of Business Role Management, as they are related to other scenarios, such as Role Certification and Emergency Access Management. Reference:1https://blogs.sap.com/2019/03/14/sap-access-control-12-role-certification/