There might be specific AD attributes, which - apart from others - do not appear in the Okta user profile. Can those extra attributes be mapped and provisioned towards an app?
Solution: Yes, if you map those attributes from AD to Okta and then Okta to App, as an example

Which is a / are best-practice(s) in a SAML 2.0 situation?
Solution: To never enable SAML for all your end-users

With agentless DSSO (Desktop Single Sign-on), you still have a need of deploying IWA Agents in your Active Directory domains to implement DSSO functionality.
Solution: The statement is false

Which port and which of the: 'http' or SSL enabled connections does Okta recommend?
Solution: Port 443 and http connections

With Okta Retention Policy, App generated data and reporting based on log data older than how many months is automatically removed (not considering the Backup Data)?
Solution: 6 months