Scribd Logo
Carica

Benvenuto in Scribd!

  • GRC Questions

    Caricato da

    Kishore Venigalla
    196 visualizzazioni3 pagine
    SAP Grc Access control 5.3

    Copyright

    © © All Rights Reserved

    Formati disponibili

    PDF, TXT o leggi online da Scribd

    Hai trovato utile questo documento?

    Questo contenuto è inappropriato?

    Segnala questo documento
    SAP Grc Access control 5.3

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    196 visualizzazioni3 pagine

    GRC Questions

    Caricato da

    Kishore Venigalla
    SAP Grc Access control 5.3

    Copyright:

    © All Rights Reserved
    Scarica in formato PDF, TXT o leggi online su Scribd
    Segnala contenuti inappropriati
    di 3

    GRC Q's:

    1. What are the components of GRC?


    2. What are the upgrades happened in GRC 5.3 from GRC 5.2?
    3. Is it possible to have a request type by which we can change the validity period of a
    user? If possible, then what are the actions?
    4. What's the latest Support Pack for GRC 5.3? How it differs from the previous one?
    5. What are the issues faced by you in ERM & CUP after golive?
    6. Can we change Single roles, objects & Profile description through mass maintenance
    of role? If yes, how?
    7. What are the prerequisites for creating a workflow for user provisioning?
    8. How will you control GRC system if you have multiple rulesets activated?
    9. Can we view the changes of a role, happened in PFCG, through GRC?
    10. How will you mitigate a user against an authorization object which is decided as
    sensitive by Business?
    11. Give an example of SOD with object level control & also decide the Risk implication
    from the Technical standpoint.
    12. Is it possible to assign two roles with different validity period to a user in one shot
    through GRC? If yes, how?
    13. What's the use of Detour path? How Fork path differs from Detour path?
    14. How can you enable self password reset facility in GRC?
    15. Can we have customized actions for creating request types in CUP?
    16. Which SOX rules got inherited in SAP GRC?
    17. How many types of Background job you are familiar with? Why Role/Profile & User
    Sync. job is required?
    18. Where from can we change the default expiration time for mitigating controls? What's
    the default value for the same?
    19. How will you do the mass import of role in GRC?
    20. Explain the total configuration & utility of SPM?
    21. Can we create Logical systems in GRC? If yes, how & what can be the advantages &
    disadvantages of the same?
    22. Can we have different set of number ranges activated for request generation?
    23. Explain, how can we create derived roles in ERM? What will be the significant
    changes in methodology for creating composite roles?
    24. Explain in detail how the different components of the Access Controls suite integrate
    with each other
    25.Explain the key problem areas in implementation of RAR
    26.Explain the key problem areas in implementation of CUP

    Security Q's:
    1. how a transaction code works?
    2. Can we set any password limitations/exceptions in SAP? If yes, how?
    3. What's the basic difference in between SU22 & SU24?
    4. What exactly is SU25? What's the significance of it's 2a,2b,2c & 2d sections?
    5. Other than SU53, how can you get missing authorisation details?
    6. How can we reset the password for 1000 users at one shot? Is it possible?
    7. Is it possible to derive a role which is not having any t-code but have some manually entered
    authorization objects? If yes, how?
    8. Can we reset our self SAP password? Please note, you don't have SU01's authorization.
    9. Suppose my Dev system has 3 clients. In one of the client, I'm making some changes in a
    tcode. Will the changes get reflected in other client's also? If yes, how?
    10. Through which tcode I can do a mass user comparision? What's the daily background job for
    the same?
    11. What does PRGN_STAT & TCODE_MOD table consist of?
    12. What does we check through SM50 & SM51?
    13. Which are the necessary objects for controlling the t-code SU01?
    14. Can we give display access for DEBUGGING to a user? If yes, how?
    15. What are the SAP default Service users & what are their default passwords? What password
    does system bydefault generate for these Service User/s while installing a new client within the
    system?
    16. From where we can create new Authorization field?
    17. Is it possible to assign ABAP role to Portal user? If yes, how?
    18. How can we gain control over Infotypes?
    19. Why we have to generate the profile again after saving the authorization data while role
    creation/modification?
    20. When does a profile become 11 character string?
    21. How can we find out the roles that got directly generated into Production & not imported
    from Quality System? Please note, you don't have any Quality user id.
    22. How CUA can help from Management standpoint of a Business, having SAP installed?
    23.Explain the authorisation concept in detail
    24.Explain how config relates to security
    25.Explain why SU53 is not always accurate

    BASIS Qs
    1) one of the transport is in import mode from last 20 hours , how to solve the
    issue ?
    2) during online back on oracle database, due to power failure sysetm restarts all
    the tables are in begin backup mode , data base is not coming up how to solve?
    3) when updating kernel in a landscape , what is sequence like aplication
    servers , central instance, and database servers
    4) i want to add a data file to a table space their is no space at file system level
    what to do?
    5) Can we take backup on tapes using brtools.?
    6)can any body explain system copy (dbrefresh) on java stack
    7) under which scenarios we shall go for db reorganization

    Potrebbero piacerti anche