Regarding Access Request Workflow, when a user requests an app - he can also include a message to the approver. But you can also designate an approver group.
Solution: Both statements are false
Okta AD Agents can be successfully and completely configured by:
Solution: Super administrators
Okta AD Agents can be successfully and completely configured by:
Solution: Read-only administrators
When a user signs out of Okta, if they are using IWA, they'll be redirected to the Sign In page and without inputting credentials they'll be signed back in
Solution: Statement is true, but then they'll be displayed a 403 HTTP code (Forbidden)
Whenever you make an API call, you will then get back:
Solution: A new object (a user, group or app object)
Any ... <answer_goes_here>'s credentials verified under "Test API credentials" in an Office365 app integration can allow Okta API integration with Office 365 - permissions which once successfully granted will be used by Okta used for Provisioning related tasks
Solution: Office 365 Global Administrator
There might be specific AD attributes, which - apart from others - do not appear in the Okta user profile. Can those extra attributes be mapped and provisioned towards an app?
Solution: Yes, but you need to have a SAML 2.0 integrated app or such flow
Which of the following is / are Okta required attributes?
Solution: None of the above
When you are trying to federate (via WS-FED) Office 365 with Okta:
Solution: You can try to federate multiple Office 365 custom domains into a single Okta Office 365 app instance via SWA SSO protocol
In an agentless DSSO (Desktop Single Sign-on) scenario Okta is the one decrypting the Kerberos ticket, finds then the user name, authenticates the user and passes back a session to the browser.
Solution: The statement is valid, but Okta is not the one doing authentication - IWA Agent and AD Agent are doing that as AD agent verifies the AD user's identity
