To schedule a User Access Review (UAR) in SAP Access Control, there are certain jobs that must run beforehand to ensure that the necessary data is up to date. The jobs required are:

In the context of an Emergency Access Management (EAM) session in SAP Access Control, the following logs can be collected:

Emergency Access Management (EAM) in SAP Access Control supports the following:

B. Both role- and ID-based firefighting at the same time

Role-based firefighting allows specific users to temporarily gain additional access through assigned roles, while ID-based firefighting provides users with a secondary, elevated access ID for a limited time period. Both these methods can be used simultaneously in the same system based on the specific use case.

Option A and Option C are incorrect because a Firefighter ID can be assigned to multiple users, and multiple Firefighter IDs can be assigned to a single user.

Option D is incorrect because while SAP Access Control supports both centralized and decentralized firefighting, they cannot be enabled at the same time. The system either operates in a centralized firefighting mode, where SAP Access Control centrally manages all firefighting logs and activities, or in a decentralized mode, where each connected system manages its own firefighting logs and activities.

SAP Access Control provides alerting capabilities to help organizations manage compliance. Among the options given, the following are available alert capabilities:

When updating the configuration of a stage detail in your MSMP Workflow configuration, if you want the updated settings to apply to both new and existing requests that are processed at the specified stage, the configuration setting you should use is:

When you need to send a firefight session log to a controller in SAP Access Control, you can use the following methods:

The SAP Access Control functionality in SAP GRC 12.0 is delivered by the component:

B. GRCFND_A

The GRCFND_A component is the technical name for the SAP Business Suite Foundation for Governance, Risk, and Compliance (GRC) which includes the foundational components necessary for SAP Access Control.

Options A, C, and D (UIGRAC01, GRCPIERP, GRCPINW) are not the main components responsible for delivering SAP Access Control functionality. They are components that may be related to different parts of the SAP GRC suite or other SAP products.

A Firefighter ID in SAP Access Control can be assigned to a firefighter using the following method:

To configure Password Self Service (PSS) in SAP Access Control to allow end users to reset their password and process changes to their name, you need to perform the following actions:

B. Maintain target system connector setting for PSS

C. Activate the PSS workflow Process ID

Maintaining the target system connector setting for PSS ensures that the target system can communicate with SAP Access Control for the PSS functionality. Activating the PSS workflow Process ID makes sure the workflow for password self-service is activated and ready for use.

Option A, deactivating password maintenance for the target system in transaction SU01, is not correct because SU01 is the transaction to maintain users in the SAP system, and disabling password maintenance here would prevent users from changing their passwords, which contradicts the goal of enabling PSS.

Option D, setting PSS parameter value to YES in AC Configuration settings, is not a standard configuration step for PSS in SAP Access Control as of my knowledge cutoff in September 2021. However, the configuration steps can change based on specific system settings, updates, or customizations. It’s recommended to check the most up-to-date SAP documentation or contact SAP Support for the latest information.

To make your BRFplus Routing Rule transportable, you should perform the following action:

C. You must assign a package to the Application before you generate the rule.

Packages are used in SAP to organize related development objects together. By assigning the Application to a package before generating the rule, you ensure that the rule (which is an object within the Application) is associated with the package and hence can be included in a transport request. This transport request can then be moved between SAP systems, making the rule transportable.

Options A, B, and D are not correct because assigning a package to the function or application after the rule has been generated does not ensure the rule is included in the transport. It’s important to assign the application to the package before generating the rule to ensure it is properly included in the transport.