[2021-9-29] Okta Certified Okta Certified Administrator Exam Questions Ensure Your Success.pdf

Okta Certified Administrator Free Questions Good Demo For Okta Okta Certified Administrator Exam [2021-9-29] Okta Certified Okta Certified Administrator Exam Questions Ensure Your Success 1.When you are trying to federate (via WS-FED) Office 365 with Okta: Solution: You can choose between SAML 2.0 or OIDC for the current integration A. Yes B. No Answer: B 2. The Okta On-Prem MFA Agent acts as a Radius client and communicates with the RADIUS enabled On-Prem server, including RSA Authentication manager for RSA SecurIDs. This basically allows your organization to leverage Second Factor from a variety of On-Premises multifactor authentication tools. Solution: The statement is true A. Yes B. No Answer: A 3. There might be specific AD attributes, which - apart from others - do not appear in the Okta user profile. Can those extra attributes be mapped and provisioned towards an app? Solution: No, it is not possible as Okta queries the whole AD schema and retrieves everything that it's able to A. Yes B. No Answer: B 4. Speaking of Okta Template App and Okta Pluin Template App, which of the following RegEx can you create for an allow list of URLS so that both endpoints for /login or /change_password are accepted under example.com domain? Solution: https://example.com/(login|change_password) A. Yes B. No Answer: A 5. When a user signs out of Okta, if they are using IWA, they'll be redirected to the Sign In page and without inputting credentials they'll be signed back in Solution: Statement is true A. Yes B. No Answer: A [2021-9-29] Okta Certified Okta Certified Administrator Exam Questions Ensure Your Success 6. With Okta Retention Policy, App generated data and reporting based on log data older than how many months is automatically removed (not considering the Backup Data)? Solution: This data is never removed, as per GDPR A. Yes B. No Answer: B 7. Okta AD Agents can be successfully and completely configured by: Solution: Read-only administrators A. Yes B. No Answer: B 8. When a user signs out of Okta, if they are using IWA, they'll be redirected to the Sign In page and without inputting credentials they'll be signed back in Solution: Statement is false, as this would represent a security concern A. Yes B. No Answer: B 9. On a Windows machine, which is the right behavior if you try to sign into your Okta org and agentless DSSO is properly configured for it? Solution: You will be automatically redirected to your Load-Balancing Application, if you have one configured, enter credentials for it and then redirected back to Okta org A. Yes B. No Answer: B 10. The Okta On-Prem MFA Agent acts as a Radius client and communicates with the RADIUS enabled On-Prem server, including RSA Authentication manager for RSA SecurIDs. This basically allows your organization to leverage Second Factor from a variety of On-Premises multifactor authentication tools. Solution: The statement is partically true - as it has nothing to do with RSA A. Yes B. No Answer: B [2021-9-29] Okta Certified Okta Certified Administrator Exam Questions Ensure Your Success 11. Once brought into Okta, LDAP roles are represented as: Solution: Email lists A. Yes B. No Answer: B 12. In an agentless DSSO (Desktop Single Sign-on) scenario Okta is the one decrypting the Kerberos ticket, finds then the user name, authenticates the user and passes back a session to the browser. Solution: The statement is valid, but Okta is not the one doing decryption - the browser is doing that A. Yes B. No Answer: B 13. Regarding Access Request Workflow, when a user requests an app - he can also include a message to the approver. But you can also designate an approver group. Solution: Only the second statement is true A. Yes B. No Answer: B 14. The SCIM protocol is <response_is_entered_here> for provisioning and managing identity data on the web. Solution: An application-level REST protocol A. Yes B. No Answer: A 15. After you turn on Desktop SSO, a default DSSO related routing rule is created. You must configure the network information for this rule. Solution: You have nothing to do and even the rule is by default set to "Active" A. Yes B. No Answer: B 16. In Okta's KB articles the set of functions under the 'Provisioning' concept are [2021-9-29] Okta Certified Okta Certified Administrator Exam Questions Ensure Your Success referred to as CRUD. This is a concept you also meet when referring to CRUD APIs . What about its meaning here, in Okta's vision? Solution: In 'Provisioning', CRUD stands for Create, Read, Upload, Deprovision A. Yes B. No Answer: B 17. Regarding Access Request Workflow, when a user requests an app - he can also include a message to the approver. But you can also designate an approver group. Solution: Both statements are true A. Yes B. No Answer: A 18. When a user's Okta password is changed: Solution: All apps that are Provisioning-enabled and have Update Attributes option active under Provisioning settings - will begin to sync the password in respective apps, as password is an attribute of their profile - but only if JIT Provisioning is enabled as well as it has to be a just-in-time action, the moment the user resets the password A. Yes B. No Answer: B 19. When a user signs out of Okta, if they are using IWA, they'll be redirected to the Sign In page and without inputting credentials they'll be signed back in Solution: Statement is true, but then they'll be displayed a 403 HTTP code (Forbidden) A. Yes B. No Answer: B 20. When does Okta bring LDAP groups into Okta? Solution: Only during an LDAP import A. Yes B. No Answer: B [2021-9-29] Okta Certified Okta Certified Administrator Exam Questions Ensure Your Success 21. Whenever you make an API call, you will then get back: Solution: A new object (a user, group or app object) A. Yes B. No Answer: B 22. The SCIM protocol is <response_is_entered_here> for provisioning and managing identity data on the web. Solution: An application-level TLS protocol A. Yes B. No Answer: B 23. Can you map the Okta user ID as an Office 365 Immutable ID? Solution: Not possible, as Office 365 requires an Immutable ID extracted from either On-Prem AD or Azure AD A. Yes B. No Answer: B 24. When does Okta bring LDAP groups into Okta? Solution: Only during LDAP JIT A. Yes B. No Answer: B 25. Okta has a json representation of objects such as 'users', json schema interchanged on API calls, as an example, but what about the format of information regarding of a user going to a SCIM server for creating the user in an On Premises application? Solution: Format is different: xml A. Yes B. No Answer: B 26. What does SCIM stand for? Solution: System for CRSF-domain Identity Management A. Yes B. No Answer: B 27. Can you map the Okta user ID as an Office 365 Immutable ID? Solution: Not possible and not intended to be possible as it cannot work like this A. Yes B. No Answer: B 28. Does Okta require an Agent to sit in-between Okta to SCIM-enabled app on premises requests? Solution: Yes, and AD Agent A. Yes B. No Answer: B 29. When using Okta Expression Language, which of the following will have the output: okta.com Solution: String.substringAfter("abc@okta.com", "@") A. Yes B. No Answer: A 30. Regarding policies, Okta recommends: Solution: Include a final catch-all rule that denies access to anything that does not match any of the preceding rules A. Yes B. No Answer: A Go To Okta Certified Administrator Exam Questions Full Version