Okta-Certified-Consultant試験無料問題集（107題）「Okta Certified Consultant 認定」

出題：1

What is true for SWA, SAML, OIDC?

A. In a SAML / OIDC scenario credentials never leave Okta

B. OIDC is an authentication protocol sitting on top of OAuth 2.0 authorization standard

C. In a SWA login action the credentials and passed to the third party app

D. SWA needed a plugin to complete the SSO tasks

E. SWA is an SSO standard developed by Okta

正解：A,B,C,D,E 解答を投票する

出題：2

Which of the following is / are OAuth 2.0 flow(s):

A. Authorization Code flow

B. Authorization Code flow with PKCE

C. Client Access Authorization flow

D. Client Credentials

E. Server Authorization flow

正解：A,B,D 解答を投票する

出題：3

Advanced Server Access Enrollment is the process where the Advanced Server Access Agent configures a server to be managed by a specific:

A. Project

B. AD Service Account

C. AD server

D. Admin

正解：A 解答を投票する

出題：4

You are faced with the error: "Failed to connect to the specified LDAP server displays.". What is worth to consider checking first?

A. That the ,username, attribute,s format contains the exact ,email, attribute,s address value

B. Email should be in a UPN format, this needs to get checked

C. To make sure you enabled LDAPS

D. To run a query and see if it returns the right port for LDAP (always non-SSL)

正解：C 解答を投票する

出題：5

In a SAML Trace, you can see that on an [Okta (IDP) App SAML request towards an App (SP side)] where you''ve already configured some regex-matching custom SAML attributes (not set in Mappings, but directly in the SAML App''s config) to be passed over, these (which are named in the App''s config as ''User attributes'' or ''Group attributes'') are send:

A. As an API header

B. Back to Okta

C. Unencrypted

D. Encrypted

正解：C 解答を投票する

出題：6

Which is / are access method(s) for Advanced Server Access?

A. Ssl

B. Ospx

C. Rdp

D. Ssh

E. Tls

正解：C,D 解答を投票する

出題：7

After you''ve created your external service, you have to register its endpoint in Okta.

A. Statement is True

B. Statement is False, as only users are registered, not services

C. Statement is False, as you are using Header-Based authentication and the token you provide in API calls acts as an API token, token which is in fact received from the external service itself, hence there is no need to register the service,s endpoint in Okta as on each and every call the authorization header is passed on and it will know exactly which Okta domain is calling the service, so there is no need for a trust to be established in the Okta side as well

正解：A 解答を投票する

出題：8

The Okta RADIUS Server agent:

A. Communicates via TCP, over default port 636 and does not support multiple ports simultaneously

B. Communicates via UDP, over default port 1812 and does not support multiple ports simultaneously

C. Communicates via UDP, over default port 1812 and supports multiple ports simultaneously

D. Communicates via UDP, over default port 1812 and supports multiple ports simultaneously

E. Communicates via TCP, over default port 443 and does not support multiple ports simultaneously

正解：C 解答を投票する

出題：9

Okta implemented a way to receive reports (Okta usage, Okta Password Health, MFA Usage, etc.) via email. True?

A. Yes, even for ,Current Assignments, report

B. No and you can only view those in the Admin Console, as an admin

C. No and will never be implemented, as sending via email is not that secure

正解：A 解答を投票する

出題：10

Can you set up via API a limited and non-refreashable Okta session lifetime?

A. Yes, but refreshable once a user does anything in the browser on his Okta Dashboard, which will refresh the token, thus extending the session time

B. No

C. Yes

正解：C 解答を投票する

Okta-Certified-Consultant試験無料問題集「Okta Certified Consultant 認定」