OKTA-CERTIFIED-ADMINISTRATOR Online Practice Questions and Answers

With Okta Retention Policy, App generated data and reporting based on log data older than how many months is automatically removed (not considering the Backup Data)? Solution: This data is never removed, as per GDPR

A. Yes

B. No

When a user's Okta password is changed:

Solution: All apps that are Provisioning-enabled and have Update Attributes option active under Provisioning settings - will begin to sync the password in respective apps, as password is an attribute of their profile - but only if JIT Provisioning is enabled as well as it has to be a just-in-time action, the moment the user resets the password

A. Yes

B. No

If you want to remove an attribute's value in Okta, for example a value coming from AD that is not useful in any way, you have to:

Solution: Intentionally map a blank value to that specific attribute in the user profile

A. Yes

B. No

In an SP-initiated SAML 2.0 flow, the SP will never redirect to Okta if the session is already active

Solution: It will always redirect to Okta and in this case only - will promt the user for re- authentication by manually entering Okta credentials

A. Yes

B. No

When does Okta bring LDAP roles into Okta? Solution: During both LDAP import and JIT

A. Yes

B. No

Any ... 's credentials verified under "Test API credentials" in an Office365 app integration can allow Okta API integration with Office 365 - permissions which once successfully granted will be used by Okta used for Provisioning related tasks

Solution: Office 365 Global Administrator

A. Yes

B. No

When you call a GET API call for users / groups / and other such objects, the response is usually Paginated, in case these are a lot of objects returned. What do you do in order to retrieve all objects?

Solution: You have to call a different API request for the next page, which will then provide another API call in the response headers of it - for the following page (in case there are still objects to be returned), till there are no more objects to be returned

A. Yes

B. No

In order for SAML to work, there is a need of an IDP and an SP and we know that already, but why is it so? Because:

Solution: An SP authorizes the users, while the IDP authenticates them

A. Yes

B. No

Okta AD Agents can be successfully and completely configured by: Solution: Super administrators

A. Yes

B. No

With agentless DSSO (Desktop Single Sign-on), you still have a need of deploying IWA Agents in your Active Directory domains to implement DSSO functionality.

Solution: The statement is false

A. Yes

B. No