A. FALSE
B. TRUE
C. True and the issuer looks like: https://<subdomain>.okta.com
D. True and the issuer looks like: https://<subdomain>.okta.com/oauth2/${authorizationServerId}
E. True and the issuer looks like: https://okta.com
A. The specified ,client_id, wasn,t found
B. The scopes list contains an invalid or unsupported value
C. The request structure was invalid
A. Cross-Origin Restricted Source
B. Mechanism that allows JavaScript hosted on your website to make XMLHttpRequests to Okta API via session cookie authorization
C. Cross-Origin Resource Sharing
D. Mechanism that allows another domain to request specific restricted resources on a web page with the condition that the domain requesting it is not a subdomain in this case, but a total different one apart from the first one where the resources are hosted on
A. The Service Provider needs to know which Identity Provider to redirect to before it has any idea who the user is
B. The Identity Provider should not provide any information to the SP side for a SAML authentication / authorization process to successfully work, only the SP has to provide the SSO URL and the Entity ID to the IDP
C. The Service Provider needs to know which Identity Provider,s routing rule configured in Okta to use before it has any idea who the IDP is
A. Yes, but refreshable once a user does anything in the browser on his Okta Dashboard, which will refresh the token, thus extending the session time
B. No
C. Yes
A. Ssl
B. Ospx
C. Rdp
D. Ssh
E. Tls
A. They are deactivated and remain Okta users
B. They are set in ,staged, status and sent a new activation email to become Okta users and set a password for such a new user object
C. They are deleted
D. They remain active and set as native Okta users
A. Okta Device Trust protects enterprise data in scenarios where there,s no defined network boundary
B. Okta Device Trust allows only managed devices with your specified security posture to access Okta-integrated apps
C. Okta recommends that you do not apply a ,Not Trusted - Deny, app sign policy to your Okta-federated MDM application, as doing so will prevent new users from enrolling their device in your MDM application and accessing other device trust-secured apps
A. No, as Okta always uses either one of them to communicate to AD and handle requests, hence rendering the other useless. Thus this can,t be a best-practice
B. No, as it will cause latency on the requests
C. Yes, as when one goes down due to various reasons, the other may be able to take and process the requests
A. When there is not enough information from the sign-in attempt to even detect behavior as when no device identifier was provided, so Okta will treat this a a BAD_REQUEST, which results in the policy rule matching
B. When behavior is detected and we have POSITIVE results in the rule matching
C. When there is not enough history to detect behaviors, hence UNKNOWN results are present in policy rule matching
