問題1
Which controls can user A manage for the following Control Manager role Configuration? See details of perspective trees and control-perspective association below.
Which controls can user A manage for the following Control Manager role Configuration? See details of perspective trees and control-perspective association below.
正確答案: E
問題2
During implementation, you created a Financial Reporting Compliance superuser and assigned this user the following roles:
* Enterprise Risk and Control Manager
* IT Security Manager
* Employee
The superuser logs in to Financial Reporting Compliance but is not able to create new Data Security Policies.
What is wrong?
During implementation, you created a Financial Reporting Compliance superuser and assigned this user the following roles:
* Enterprise Risk and Control Manager
* IT Security Manager
* Employee
The superuser logs in to Financial Reporting Compliance but is not able to create new Data Security Policies.
What is wrong?
正確答案: D
問題3
You are remediating access incidents in Advanced Access Controls (AAC), and have just completed the remediation of a segregation of duties conflict for users in Fusion Security by removing the conflicting access from the users.
What status do you set for the incident in AAC?
You are remediating access incidents in Advanced Access Controls (AAC), and have just completed the remediation of a segregation of duties conflict for users in Fusion Security by removing the conflicting access from the users.
What status do you set for the incident in AAC?
正確答案: C
問題4
How do you associate a risk to a control?
How do you associate a risk to a control?
正確答案: B
問題5
What would happen to an access incident in Advanced Access Controls (AAC) that has been remediated and has a status of "Closed," but poses a conflict again during a subsequent evaluation of controls?
What would happen to an access incident in Advanced Access Controls (AAC) that has been remediated and has a status of "Closed," but poses a conflict again during a subsequent evaluation of controls?
正確答案: B,E
問題6
Your client has configured separate roles for control assessor and control assessment reviewer. The control assessor has submitted his or her assessment. The control assessor realizes later that he or she has forgotten to attach a critical test evidence document to the assessment and needs to attach it now.
How can this be accomplished?
Your client has configured separate roles for control assessor and control assessment reviewer. The control assessor has submitted his or her assessment. The control assessor realizes later that he or she has forgotten to attach a critical test evidence document to the assessment and needs to attach it now.
How can this be accomplished?
正確答案: D
問題7
How do you identify Financial Reporting Compliance Cloud's key stakeholders?
How do you identify Financial Reporting Compliance Cloud's key stakeholders?
正確答案: A
問題8
You have created security roles for the Procure-to-Pay (P2P) Control Manager for the EMEA region in your client's organization. But, there are two problems with his or her security configuration.
Problem 1: This person should not receive notifications to complete control assessments, but currently he or she does.
Problem 2: Also, although he or she has access to controls associated with EMEA, he or she is unable to access controls created for individual regions within EMEA.
You have given him or her the following job role:
* EMEA P2P Control Manager Job Role
* Seeded Control Manager Duty Composite
* Seeded Control Certification Assessor Duty Composite
* EMEA P2P Control Manager Data Security Policy
* Seeded Control Manager Data Security Policy
* Perspective filter where Region Perspective "equals" EMEA
* Perspective filter where Process Perspective "equals" P2P
Which two actions need to be taken to correct the problems? (Choose two.)
You have created security roles for the Procure-to-Pay (P2P) Control Manager for the EMEA region in your client's organization. But, there are two problems with his or her security configuration.
Problem 1: This person should not receive notifications to complete control assessments, but currently he or she does.
Problem 2: Also, although he or she has access to controls associated with EMEA, he or she is unable to access controls created for individual regions within EMEA.
You have given him or her the following job role:
* EMEA P2P Control Manager Job Role
* Seeded Control Manager Duty Composite
* Seeded Control Certification Assessor Duty Composite
* EMEA P2P Control Manager Data Security Policy
* Seeded Control Manager Data Security Policy
* Perspective filter where Region Perspective "equals" EMEA
* Perspective filter where Process Perspective "equals" P2P
Which two actions need to be taken to correct the problems? (Choose two.)
正確答案: A,C