Pass the Okta Level 2: Administrator Okta-Certified-Administrator Questions and answers with ExamsMirror

Regarding policies, Okta recommends:

Solution: Include a final catch-all rule that denies access to anything that does not match any of the preceding rules

Can you include / exclude users from specific Network Zones defined in Okta from both Sign On and Password policies?

Solution: Only for Sign On policies you have such granularity

When a user signs out of Okta, if they are using IWA, they'll be redirected to the Sign In page and without inputting credentials they'll be signed back in

Solution: Statement is false, as this would represent a security concern

Does Okta require an Agent to sit in-between Okta to SCIM-enabled app on premises requests?

Solution: Yes, an Okta Application Integration Agent

In an SP-initiated SAML 2.0 flow, the SP will never redirect to Okta if the session is already active

Solution: It might be seamless for the user, but the redirect is happening

Speaking of Okta Template App and Okta Pluin Template App, which of the following RegEx can you create for an allow list of URLS so that both endpoints for /login or /change_password are accepted under example.com domain?

Solution: https://example*.com/(login|change_password)

Speaking of Okta Template App and Okta Pluin Template App, which of the following RegEx can you create for an allow list of URLS so that both endpoints for /login or /change_password are accepted under example.com domain?

Solution: https://example.com/(login|change_password)

In order for SAML to work, there is a need of an IDP and an SP and we know that already, but why is it so? Because:

Solution: An IDP authorizes the users, while the SP authenticates them

With Okta Retention Policy, App generated data and reporting based on log data older than how many months is automatically removed (not considering the Backup Data)?

Solution: This data is never removed, as per GDPR