Okta-Certified-Administrator Okta Certified Administrator Exam Questions and Answers

The Okta On-Prem MFA Agent acts as a Radius client and communicates with the RADIUS enabled On-Prem server, including RSA Authentication manager for RSA SecurIDs. This basically allows your organization to leverage Second Factor from a variety of On-Premises multifactor authentication tools.

Solution: The statement is false

What does it mean: "Mapping Direction AD to Okta"?

Solution: Indicates a schema of attribute values flowing AD towards Okta

Provisioning actions between cloud-based apps / on-premises apps and Okta are completed by using:

Solution: The SCIM standard

Whenever you make an API call, you will then get back:

Solution: Okta events under '/events' endpoint

Which of the following is / are true?

Solution: If an MFA factor is set to 'required' and another MFA factor set to 'optional', then users can enroll into both factors and then can use either of them for successful logins

The SCIM protocol is for provisioning and managing identity data on the web.

Solution: An application-level REST protocol

Once brought into Okta, LDAP roles are represented as:

Solution: Email lists

When using Okta Expression Language, which variable type results out of this Okta Expression? isMemberOfGroup("groupId")

Solution: Graph

Any ... 's credentials verified under "Test API credentials" in an Office365 app integration can allow Okta API integration with Office 365 - permissions which once successfully granted will be used by Okta used for Provisioning related tasks

Solution: Office 365 user

In an SP-initiated SAML 2.0 flow, the SP will never redirect to Okta if the session is already active

Solution: It will always redirect to Okta and in this case only - will promt the user for re-authentication by manually entering Okta credentials

In an SP-initiated SAML 2.0 flow, the SP will never redirect to Okta if the session is already active

Solution: It might be seamless for the user, but the redirect is happening

Regarding Access Request Workflow, when a user requests an app - he can also include a message to the approver. But you can also designate an approver group.

Solution: Only the second statement is true

On a Windows machine, which is the right behavior if you try to sign into your Okta org and agentless DSSO is properly configured for it?

Solution: You will be automatically redirected to your Load-Balancing Application, if you have one configured, enter credentials for it and then redirected back to Okta org

Which is a / are best-practice(s) in a SAML 2.0 situation?

Solution: To not link your admin user from the SP via SAML with a user from Okta, if the app (SP) does not provide a SAML bypass URL

What does SCIM stand for?

Solution: System for CRSF-domain Identity Management

How can SAML provision attributes via JIT? Or even create users?

Solution: By including specific information in the GET API call