Wednesday, 26 February 2014

GRC AC 10.0 Certification Exam Questions and Answers - part-1



These questions and answers are collected from web and friends who is preparing for GRC 10.0 certification exam to help people who is preparing for GRC certification. 

1. Your customer has created a custom transaction code ZFB10N by copying transaction FB10
and  implementing a user exit.
How can you incorporate the customer enhancement into the global rule set so that it will be
available for Risk Analysis?


A. Update security permissions in all relevant authorization objects, maintain the custom program
name in all relevant functions, and generate the access rules
B. Update all relevant functions with ZFB10N, maintain the permission values for all relevant
authorization objects, and generate the access rules
C. Update all relevant functions with ZFB10N, maintain the permission values in the relevant
access risk, and generate the global rule set
D. Update the relevant access risk with ZFB10N, maintain access rules in all relevant functions,
and generate the global rule set
Answer: B

2. Which of the following objects can you maintain in the "Maintain Paths" work area of MSMP workflow configuration? (Choose three)
A. Paths
B. Path versions
C. Rules for path mappings
D. Stage notification settings
E. Stages
Answer: A,D,E

3. Which configuration parameters determine the content of the log generated by the SPM Log
Synch job? (Choose three)?

A. Enable Risk Change log (1002)
B. Enable Authorization Logging (1100)
C. Retrieve System log (4004)
D. Retrieve OS Command log (4006)
E. Retrieve Audit log (4005)
Answer: C,D,E

4. Your customer wants to eliminate false positives from their risk analysis results.
How must you configure Access Control to include organizational value checks when performing a
risk analysis? (Choose two)?


A. Configure organization rules for each relevant function
B. Update the functions that contain each relevant action by activating the fields for the required
permissions and maintaining a value for each specific organization
C. Configure organization rules for each relevant risk
D. Update the functions that contain each relevant action by activating the fields for the required
permissions
E. Configure organization level system parameters to incorporate all organization levels for each
relevant risk

Answer: C,D

5. What do you mitigate using Access Control?
A. Roles
B. Users
C. Risks
D. Functions
Answer: C

6. Your customer wants a manager to fulfill both MSMP workflow agent purposes.
How do you configure this?


A. Maintain the manager agent twice, once for each purpose, using the same agent ID
B. Maintain the manager agent once and assign both purposes to it without using an agent ID
C. Maintain the manager agent twice, once for each purpose, using different agent IDs
D. Maintain the manager agent once and assign both purposes to it using the same agent ID
Answer: C

7. You have identified some risks that need to be defined as cross-system risks. How do you
configure your system to enable cross-system risk analysis?

A. 1. Set the analysis scope of the function to cross-system
2. Create cross-system type connectors
3. Assign the corresponding connectors to the appropriate connector group

4. Generate rules

B. 1. Set the analysis scope of the risk to cross-system
2. Create cross-system type connectors
3. Assign the corresponding connectors to the appropriate connector group
4. Generate rules


C. 1. Set the analysis scope of the risk to cross-system
2. Create a cross-system type connector group
3. Assign the corresponding connectors to the connector group
4. Generate rules


D. 1. Set the analysis scope of the function to cross-system
2. Create a cross-system type connector group
3. Assign the corresponding connectors to the connector group
4. Generate rules
Answer: D

8. What does assigning the Logical Group (SOD-LOG) type to a connector group allow you to do?
A. Run a cross-system analysis
B. Use the connector group for transports to the target system
C. Monitor the target system
D. Use the connector group as a business role management landscape
Answer: D

9. Who approves the review of the periodic segregation of duties?
A. Mitigation monitors
B. Role owners
C. Mitigation approvers
D. Risk owners
Answer: D

10. How are lines and columns linked in a BRFplus initiator decision table?
A. A column to a column through a logical OR
B. A column to a line through a logical OR
C. A column to a column through a logical AND
D. A line to a line through a logical AND
Answer: C
 

Click here for GRC AC 10.0 Certification Exam Questions and Answers - part-2

Please do share if you like this post :)

Tuesday, 4 February 2014

Important SAP Basis and Security Tcodes

Here i am trying to give important Tcodes which is being used by SAP Basis and Security administrators.

User Administration:

SU01
User Maintenance
SU01D
User Display
SU02
Maintain Authorization Profiles
SU03
Maintain Authorizations
SU05
Maintain Internet users
SU10
User Mass Maintenance
SMLG
Maintain Logon Group
SUPC
Profiles for activity groups
SUIM
Info system Authorizations
PFCG
Profile Generator
PFUD
User Master Data Reconciliation
SU53
Last failed authorization
ST01
System trace
SU24
Maintain check indicator
SU25
Profile for upgrade tool

Client Administration:

SCC1
Client copy special
SCC2
Client transport
SCC3
Checking Client Copy Log
SCC4
Client Administration
SCC5
Client Delete
SCC6
Client import
SCC7
Client Import Post Processing
SCC8
Client Export
SCCL
Local Client Copy
SCC9
Remote client copy

Database Administration:

DB01
Analyze exclusive lock waits
DB02
Analyze tables and indexes
DB12
DB Backup log monitor
DB13
DBA Planning Calendar
DB15
Data Archiving: Database Tables



Transport Management System:

STMS
Transport Management System
STMS_IMPORT
tcode for transport import
SE01
Transport and Correction System
SE06
Set Up Workbench Organizer
SE07
CTS Status Display
SE09
Workbench Organizer
SE10
Customizing Organizer
SE11
ABAP/4 Dictionary Maintenance
SE16
Data Browser
SE80
Repository Browser
SM30
Call View Maintenance
SM31
Table Maintenance

Background Jobs Administration:

SM36
Define Background Job
SM37
Background Job Overview
SM39
Job Analysis
SM49
Execute External OS commands
SM62
Maintain Events
SM64
Release of an Event
SM65
Background Processing Analysis Tool
SM69
Maintain External OS Commands


Spool Administration:

SP00
Spool and related areas
SP01
Output Controller
SP01D
Spool output controller
SP02
Display spool request
SP20
Display output request
SPCC
Spool consistency Check
SP11
TEMSE directory
SP12
TEMSE Administration
SPAD
Spool Administration

Other Administration Tcodes:

AL11
Display SAP Directories
BD54
Maintain Logical Systems
OSS1
Logon to Online Service System
SALE IMG
Application Link Enabling
SARA
Archive Management
SICK
Installation Check
SM14
Update Program Administration
 
SM35
Batch Input Monitoring
SM56
Number Range Buffer
SM58
Asynchronous RFC Error Log
SM59
RFC Destinations (Display/Maintain)
SAINT
SAP Add on Installation Tool
SPAM
SAP Patch Manager (SPAM)
SPAU
Display modified DE objects
SPDD
Display modified DDIC objects
ST11
Display Developer Traces


Daily monitoring TCodes:

AL08
Current Active Users
SM04
Users list of local server
SM12
Display and Delete Locks
SM13
Display Update Records
SM21
System Log
SM50
Work Process Overview
SM51
List of SAP Servers
SM66
System Wide Work Process Overview
ST22
ABAP/4 Runtime Error Analysis
ST01
System Trace
ST02
Setups/Tune Buffers
ST03
Performance, SAP Statistics, Workload
ST04
Select DB activities
ST05
Performance trace
ST06
Operating System Monitor
ST10
Table call statistics
SU56
Analyze User Buffer

Other Monitoring Tcodes:

OS01
LAN check with ping
RZ01
Job Scheduling Monitor
RZ03
Presentation, Control SAP Instances
ST07
Application monitor
STAT
Local transaction statistics

Other Useful Transactions Codes

SA38
ABAP reporting
SE38
ABAP Editor
WEDI
IDoc and EDI Basis
WE02
IDoc display
WE07
IDoc statistics
WE20
Partner profiles
WE21
Port definition
WE46
lDoc administration
WE47
Status Maintenance
$TAB
Refreshes the table buffers
$SYNC
Refreshes all buffers, except the program buffer