Okta Certified Administrator Exam
Last Update May 21, 2024
Total Questions : 132
We are offering FREE Okta-Certified-Administrator Okta exam questions. All you do is to just go and sign up. Give your details, prepare Okta-Certified-Administrator free exam questions and then go for complete pool of Okta Certified Administrator Exam test questions that will help you more.
As an Okta best-practice / recommendation: Okta encourages you to switch from Integrated Windows Authentication (IWA or DSSO) to agentless Desktop Single Sign-on (ADSSO). Okta is no longer adding new IWA functionality and offers only limited support and bug fixes.
Solution: Only the first statement is true
In order for SAML to work, there is a need of an IDP and an SP and we know that already, but why is it so? Because:
Solution: An SP sends SAML assertions, while the IDP receives and validates them
Regarding policies, Okta recommends:
Solution: To include a policy rule that catches not wanted behaviors as a first priority and then label others for permitted behaviors
On a Windows machine, which is the right behavior if you try to sign into your Okta org and agentless DSSO is properly configured for it?
Solution: You will be automatically redirected to The Okta Sign In page for your organization, where you need to fill in with your AD credentials
When does Okta bring LDAP groups into Okta?
Solution: During both LDAP import and JIT
When does Okta bring LDAP roles into Okta?
Solution: Only during an LDAP import
Whenever you make an API call, you will then get back:
Solution: Response headers
After you turn on Desktop SSO, a default DSSO related routing rule is created. You must configure the network information for this rule.
Solution: The statement is true
In an agentless DSSO (Desktop Single Sign-on) scenario Okta is the one decrypting the Kerberos ticket, finds then the user name, authenticates the user and passes back a session to the browser.
Solution: The statement is valid, but Okta is not the one doing authentication - IWA Agent and AD Agent are doing that as AD agent verifies the AD user's identity
With agentless DSSO (Desktop Single Sign-on), you still have a need of deploying IWA Agents in your Active Directory domains to implement DSSO functionality.
Solution: The statement is true, but not for the part about: the deployment of IWA Agents into Active Directory domains. The IWA Agents can now be deployed on whichever machine, it's a unique functionality that only agentless DSSO has and not on-prem DSSO.
What does it mean: "Mapping Direction AD to Okta"?
Solution: Indicates a schema of attribute values flowing AD towards Okta
Speaking of Okta Template App and Okta Pluin Template App, which of the following RegEx can you create for an allow list of URLS so that both endpoints for /login or /change_password are accepted under example.com domain?
Solution: https://example*.com/(login|change_password)
On a Windows machine, which is the right behavior if you try to sign into your Okta org and agentless DSSO is properly configured for it?
Solution: You will be automatically redirected to your Load-Balancing Application, if you have one configured, enter credentials for it and then redirected back to Okta org
If you want to remove an attribute's value in Okta, for example a value coming from AD that is not useful in any way, you have to:
Solution: Intentionally map a blank value to that specific attribute in the user profile
Does Okta require an Agent to sit in-between Okta to SCIM-enabled app on premises requests?
Solution: Yes, an Okta Provisioning Agent
Which port and which of the: 'http' or SSL enabled connections does Okta recommend?
Solution: Port 443 and http connections
Whenever you make an API call, you will then get back:
Solution: Okta events under '/events' endpoint
In an agentless DSSO (Desktop Single Sign-on) scenario Okta is the one decrypting the Kerberos ticket, finds then the user name, authenticates the user and passes back a session to the browser.
Solution: The statement is valid, but Okta is not the one doing decryption - the browser is doing that
With Okta Retention Policy, App generated data and reporting based on log data older than how many months is automatically removed (not considering the Backup Data)?
Solution: 3 months