SAP SECURITY

SAP Security & GRC made easy

Firefighter Interview Questions

by

 

  1. What is a Firefighter ID, and why is it useful?
  2. What are the different types of users available in SPM (Superuser Privilege Management)?
  3. What is the difference between a Firefighter Owner and a Firefighter Controller?
  4. What roles can be assigned to users in SPM?
  5. What are the key tables related to Firefighter IDs?
  6. How do you configure a Firefighter ID?
  7. How can you assign a Firefighter ID (FFID) to a Firefighter?
  8. What is the background job used to generate Firefighter reports?
  9. How can you retrieve a report of Firefighter ID assignments?
  10. What are the different types of Firefighter IDs available?
  11. What are the critical parameters to configure during Firefighter setup?
  12. How can reports be generated for Firefighter activity, and what types of reports can you obtain?
  13. What is the maximum duration for which an FFID can be assigned to a Firefighter?
  14. In which situations should a Firefighter ID be used?
  15. What settings must be configured to obtain Firefighter ID trace details?

    1. What is a Firefighter ID, and why is it useful?

    A Firefighter ID (FFID) is a special user ID in SAP GRC (Governance, Risk, and Compliance) used for emergency access. It allows users to temporarily perform critical tasks that their regular roles do not permit. Firefighter IDs help track and control privileged access, ensuring compliance and reducing security risks.

    2. What are the different types of users available in SPM (Superuser Privilege Management)?

    SPM (now part of SAP GRC Access Control) has four main user types:

    1. Firefighter ID (FFID) – Special user with elevated access.
    2. Firefighter (User assigned to FFID) – Uses the Firefighter ID for critical tasks.
    3. Firefighter Controller – Monitors and reviews Firefighter activities.
    4. Firefighter Owner – Manages and assigns Firefighter IDs.

    3. What is the difference between a Firefighter Owner and a Firefighter Controller?

    • Firefighter Owner: Responsible for assigning and maintaining Firefighter IDs.
    • Firefighter Controller: Reviews logs and ensures proper use of Firefighter IDs.

    4. What roles can be assigned to users in SPM?

    • /GRC/SAP_GRIA_FFID_OWNER – Firefighter Owner
    • /GRC/SAP_GRIA_FFID_CONTROLLER – Firefighter Controller
    • /GRC/SAP_GRIA_FFID_USER – Firefighter User
    • /GRC/SAP_GRIA_FFID_ADMIN – Firefighter Administrator

    5. What are the key tables related to Firefighter IDs?

    • GRACFFUSER – Stores Firefighter user assignments.
    • GRACFFLOG – Logs Firefighter activities.
    • GRACFFCTRL – Firefighter Controller details.
    • GRACFFOWNER – Firefighter Owner details.

    6. How do you configure a Firefighter ID?

    1. Create a Firefighter ID in SAP.
    2. Assign roles with necessary authorizations.
    3. Assign a Firefighter Owner and Firefighter Controller.
    4. Set up the required background jobs for log generation.
    5. Assign the Firefighter ID to a user.
    6. Test Firefighter ID access and log reporting.

    7. How can you assign a Firefighter ID (FFID) to a Firefighter?

    1. Open SAP GRC Access Control.
    2. Go to NWBC → Access Management → Firefighter ID Owner.
    3. Select Assign Firefighter ID.
    4. Choose the FFID and assign the user.
    5. Save and activate the assignment.

    8. What is the background job used to generate Firefighter reports?

    • GRAC_SPM_LOG_SYNC – Syncs logs from plug-in systems.
    • GRAC_SPM_GRAC_SPM_LOG_SYNC – Generates Firefighter reports.

    9. How can you retrieve a report of Firefighter ID assignments?

    1. Go to NWBC → Reports & Analytics → Access Control Reports.
    2. Choose Firefighter Log Report.
    3. Enter the Firefighter ID or date range.
    4. Execute the report to view assignments and activities.

    10. What are the different types of Firefighter IDs available?

    1. Shared FFID – Used by multiple users.
    2. Individual FFID – Assigned to a single user.
    3. System FFID – Used for system-level emergency access.

    11. What are the critical parameters to configure during Firefighter setup?

    • Log retention period – Define how long logs should be stored.
    • Notification settings – Set up alerts for FFID use.
    • Session timeouts – Set limits for Firefighter sessions.
    • Controller approvals – Ensure controllers review logs.

    12. How can reports be generated for Firefighter activity, and what types of reports can you obtain?

    • Use NWBC → Reports & Analytics → Firefighter Reports.
    • Types of reports:
      1. Usage Report – Who used the FFID and when.
      2. Transaction Log Report – Actions performed.
      3. Audit Report – Controller reviews and approvals.

    13. What is the maximum duration for which an FFID can be assigned to a Firefighter?

    The default session duration is 8 hours, but it can be configured based on security policies.

    14. In which situations should a Firefighter ID be used?

    • Critical production support (e.g., fixing urgent issues).
    • Temporary access for high-risk tasks (e.g., configuration changes).
    • Disaster recovery operations.
    • When regular user roles do not provide the necessary access.

    15. What settings must be configured to obtain Firefighter ID trace details?

    • Enable logging in GRAC_SPM_LOG_SYNC.
    • Ensure audit logs are stored in GRACFFLOG.
    • Configure email notifications for controller reviews.
    • Enable real-time monitoring using SAP GRC dashboards.
By

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)