Okta-Certified-Administrator Questions and Answers

When using Okta Expression Language, which of the following will have the output: This is a test

Solution: String.replace("That is a test", "is", "at")

As an Okta best-practice / recommendation: Okta encourages you to switch from Integrated Windows Authentication (IWA or DSSO) to agentless Desktop Single Sign-on (ADSSO). Okta is no longer adding new IWA functionality and offers only limited support and bug fixes.

Solution: Only the second statement is true

In order for SAML to work, there is a need of an IDP and an SP and we know that already, but why is it so? Because:

Solution: An SP sends SAML assertions, while the IDP receives and validates them

What does SCIM stand for?

Solution: System of Cross-scripting-domain Identity Management

Okta AD Agents can be successfully and completely configured by:

Solution: Read-only administrators

If you want to remove an attribute's value in Okta, for example a value coming from AD that is not useful in any way, you have to:

Solution: Delete the mapping by the help of which the value came into Okta User Profile

Can you include / exclude users from specific Network Zones defined in Okta from both Sign On and Password policies?

Solution: You can do this with both policy types mentioned

Which port and which of the: 'http' or SSL enabled connections does Okta recommend?

Solution: Port 80 and SSL enabled connections

In an agentless DSSO (Desktop Single Sign-on) scenario Okta is the one decrypting the Kerberos ticket, finds then the user name, authenticates the user and passes back a session to the browser.

Solution: The statement is valid, but Okta is not the one doing decryption - the browser is doing that

When does Okta bring LDAP groups into Okta?

Solution: Only during an LDAP import

Once brought into Okta, LDAP roles are represented as:

Solution: Email lists

Regarding Access Request Workflow, when a user requests an app - he can also include a message to the approver. But you can also designate an approver group.

Solution: Both statements are true

Does Okta require an Agent to sit in-between Okta to SCIM-enabled app on premises requests?

Solution: Yes, an Okta Provisioning Agent

Regarding Access Request Workflow, when a user requests an app - he can also include a message to the approver. But you can also designate an approver group.

Solution: Only the second statement is true