According to the SAP Help Portal, you can perform two activities in Emergency Access Management: perform tasks outside of the normal responsibilities and display a log file of performed activities. Perform tasks outside of the normal responsibilities means that you can use a firefighter ID or a firefighter role to access a target system and perform emergency activities that require elevated authorizations. Display a log file of performed activities means that you can view the usage procedure log or the security audit log of a firefighting session.

According to the SAP Help Portal, some of the rule sets that are delivered in SAP Access Control are GRAC_RA_RULESET_COMMON, GRAC_RA_RULESET_ERP, and GRAC_RA_RULESET_S4HANA. GRAC_RA_RULESET_COMMON contains common rule set definitions that are used by other rule sets. GRAC_RA_RULESET_ERP contains rule set definitions for SAP ERP systems. GRAC_RA_RULESET_S4HANA contains rule set definitions for SAP S/4HANA systems.

According to the SAP Help Portal, you can map three SAP Access Control applications to a BRFplus function: triggers, initiators, and service level agreements. Triggers are events that initiate a workflow process. Initiators are conditions that determine the workflow path for a request. Service level agreements are rules that define deadlines and escalations for workflow stages.

According to the SAP wiki, you need to define a subsequent connector in two scenarios: when all resources are not available on a specific connector and when you are defining a cross system risk. A subsequent connector is a connector that is used to perform additional checks or actions after the main connector has been processed. For example, if a role contains transactions from different systems, you need to define a subsequent connector for each system. If a risk involves transactions from different systems, you need to define a subsequent connector for each system.

According to the SAP Blogs1, Business Role Management provides several capabilities for managing roles in SAP Access Control. Some of these capabilities are: Facilitate role creation at the function level (A), Align role definitions with business processes , and Standardize methodology for role assignment (D). These capabilities help to simplify and automate the role design and maintenance process. Therefore, A, C and D are the correct answers.B and E are not valid capabilities of Business Role Management, as they are related to other scenarios, such as Role Certification and Emergency Access Management. Reference:1https://blogs.sap.com/2019/03/14/sap-access-control-12-role-certification/