CCNA Plan and manage an Azure AI solution Questions

75 of 218 questions · Page 2/3 · Plan and manage an Azure AI solution · Answers revealed

76
MCQhard

You are designing a responsible AI solution for a healthcare application that uses Azure AI Vision to analyze medical images. The solution must minimize bias across demographic groups and provide explainability for predictions. Which combination of services should you use?

A.Azure AI Document Intelligence for extracting metadata and Azure AI Language for sentiment analysis.
B.Azure AI Translator for multilingual support and Azure AI Metrics Advisor for monitoring.
C.Azure AI Search for indexing results and Azure AI Anomaly Detector for outliers.
D.Azure AI Content Safety for content moderation and Fairlearn with Azure Machine Learning interpretability.
AnswerD

Content Safety filters inappropriate content; Fairlearn and interpretability address bias and explainability.

Why this answer

Option D is correct because Azure AI Content Safety helps filter harmful content and reduce bias in model outputs, while Fairlearn with Azure Machine Learning interpretability provides tools to assess fairness across demographic groups and explain model predictions. This combination directly addresses the requirements of minimizing bias and providing explainability for medical image analysis.

Exam trap

The trap here is that candidates may confuse general-purpose AI services (like translation or search) with specialized fairness and interpretability tools, overlooking that Fairlearn and ML interpretability are the Azure-native solutions for responsible AI requirements.

How to eliminate wrong answers

Option A is wrong because Azure AI Document Intelligence extracts text from documents and Azure AI Language performs sentiment analysis, neither of which addresses bias minimization or explainability for image analysis. Option B is wrong because Azure AI Translator provides multilingual translation and Azure AI Metrics Advisor monitors time-series data, both irrelevant to bias detection or model interpretability in medical imaging. Option C is wrong because Azure AI Search indexes searchable content and Azure AI Anomaly Detector identifies outliers in time-series data, neither of which offers fairness assessment or explainability for AI vision predictions.

77
MCQhard

You are responsible for an Azure AI solution that uses Custom Vision to classify manufacturing defects. The model must achieve high recall to avoid missing defects. The current model has high precision but low recall. Which action should you take?

A.Add more images of non-defective items to the training set
B.Increase the number of training iterations
C.Lower the probability threshold for the defect class
D.Increase the probability threshold for the defect class
AnswerC

Lowering the threshold increases the number of positive predictions, thus improving recall.

Why this answer

Lowering the probability threshold for the defect class means the model will classify an image as defective even when its confidence score is lower. This increases the number of true positives (defects caught), directly improving recall at the cost of potentially more false positives. In Custom Vision, the default probability threshold is 50%, and adjusting it downward is the standard technique to prioritize recall over precision.

Exam trap

The trap here is that candidates confuse precision and recall, often assuming that increasing the threshold (making the model stricter) will improve overall performance, when in fact it reduces recall by missing more defects.

How to eliminate wrong answers

Option A is wrong because adding more images of non-defective items would bias the model toward the non-defective class, likely reducing recall further by making the model more conservative in predicting defects. Option B is wrong because increasing the number of training iterations (epochs) primarily helps the model converge better on the training data but does not directly control the precision-recall trade-off; it may even lead to overfitting without improving recall. Option D is wrong because increasing the probability threshold for the defect class would require higher confidence to classify a defect, which reduces false positives but also reduces true positives, thereby lowering recall even further.

78
MCQmedium

You are designing an AI solution that uses Azure OpenAI Service to answer customer queries. The solution must ensure that the model does not generate harmful or inappropriate content. Which Azure AI service should you configure to enforce content safety policies?

A.Azure AI Speech
B.Azure OpenAI Service
C.Azure AI Content Safety
D.Azure AI Search
AnswerC

Azure AI Content Safety provides content moderation and filtering.

Why this answer

Azure AI Content Safety is the dedicated service for detecting and filtering harmful content such as hate speech, violence, self-harm, and sexual content. It provides configurable severity thresholds and can be integrated with Azure OpenAI Service to enforce content safety policies on model inputs and outputs. This ensures the AI solution meets responsible AI requirements without modifying the underlying model.

Exam trap

The trap here is that candidates assume Azure OpenAI Service has built-in configurable content safety policies, but in reality, it only provides default safety systems; custom policies require Azure AI Content Safety.

How to eliminate wrong answers

Option A is wrong because Azure AI Speech is focused on speech-to-text, text-to-speech, and speech translation capabilities, not on content moderation or safety policy enforcement. Option B is wrong because Azure OpenAI Service itself does not include built-in content safety policy configuration; it relies on Azure AI Content Safety for such filtering, though it has default safety systems, those are not user-configurable for custom policies. Option D is wrong because Azure AI Search is a cognitive search service for indexing and querying data, not for content moderation or safety filtering.

79
MCQmedium

Your organization uses Microsoft Entra ID for identity management. You are building an AI solution that uses Azure AI Vision to analyze images. The solution must use managed identities to authenticate to the Vision resource. Which RBAC role should you assign to the managed identity?

A.Owner
B.Cognitive Services User
C.Reader
D.Contributor
AnswerB

This role allows API access without management permissions.

Why this answer

The Cognitive Services User role (B) is the correct RBAC role because it grants the minimum required permissions for a managed identity to call Azure AI Vision APIs (e.g., analyze image, OCR) without allowing any write or management operations. This role is specifically designed for accessing Azure Cognitive Services endpoints, and it aligns with the principle of least privilege for authentication via managed identities.

Exam trap

The trap here is that candidates often confuse the Reader role (which grants read access to the resource's Azure Resource Manager properties) with the ability to read data from the service, but Reader does not include data-plane permissions for Cognitive Services APIs.

How to eliminate wrong answers

Option A (Owner) is wrong because it grants full control over the Vision resource, including the ability to delete or modify the resource itself, which is excessive and violates security best practices for a managed identity that only needs to call APIs. Option C (Reader) is wrong because it only allows read access to the resource's metadata and configuration (e.g., viewing keys or endpoints) but does not grant permission to call the Vision API endpoints for image analysis. Option D (Contributor) is wrong because it allows creating and managing resources (e.g., deploying models or changing settings) but does not include the specific 'Cognitive Services User' data-plane permission required to authenticate and invoke the Vision API.

80
MCQhard

You are designing a solution that uses Azure AI Translator to translate customer support tickets. The solution must handle confidential data and ensure no data leaves the specified Azure region. What should you do?

A.Enable customer-managed keys and disable logging
B.Use the global Translator endpoint
C.Create a Translator resource with a private endpoint and disable public network access
D.Use the S1 pricing tier to ensure regional processing
AnswerC

Keeps data within the region and private network.

Why this answer

Option C is correct because using a private endpoint ensures that all traffic to the Translator resource stays within the Azure virtual network and never traverses the public internet, while disabling public network access enforces that no data can leave the specified Azure region. This combination meets the requirement for handling confidential data with regional data residency guarantees.

Exam trap

The trap here is that candidates often confuse encryption (CMK) or pricing tiers with network-level data residency controls, failing to realize that only private endpoints combined with disabled public access can guarantee data never leaves the specified region.

How to eliminate wrong answers

Option A is wrong because customer-managed keys (CMK) control encryption at rest, not data residency or network isolation, and disabling logging does not prevent data from leaving the region. Option B is wrong because the global Translator endpoint routes traffic through Microsoft's global network and may process data outside the specified Azure region, violating the data residency requirement. Option D is wrong because the S1 pricing tier only affects throughput and capacity, not the geographic processing location; regional processing is determined by the resource's region and network configuration, not the pricing tier.

81
Multi-Selecteasy

A company is planning to use Azure AI services. They require the ability to audit all API calls for compliance. Which THREE components should they enable?

Select 3 answers
A.Azure Monitor
B.Log Analytics workspace
C.Diagnostic settings for the AI service
D.Azure RBAC roles for the service
E.Managed identity for the service
AnswersA, B, C

Azure Monitor collects and analyzes logs from AI services.

Why this answer

Azure Monitor is correct because it provides a centralized platform for collecting, analyzing, and acting on telemetry data from Azure resources, including API call logs. By enabling diagnostic settings for the AI service, you can route audit logs (such as all REST API requests and responses) to Azure Monitor, which then integrates with Log Analytics for querying and alerting. This triad—Azure Monitor, Log Analytics workspace, and diagnostic settings—forms the complete pipeline required to audit all API calls for compliance.

Exam trap

The trap here is that candidates often confuse auditing (logging API calls) with security controls like RBAC or Managed Identity, mistakenly thinking that controlling access or identity automatically provides an audit trail, whereas auditing requires explicit diagnostic logging and a monitoring pipeline.

82
MCQhard

Your Azure AI Search index stores customer support tickets. You need to implement a search feature that returns semantically similar results even if the query uses different wording. Which configuration should you enable?

A.Use simple query parsing with searchMode=any
B.Add a synonym map with custom entries
C.Enable semantic search and configure a semantic configuration
D.Enable fuzzy search on the index
AnswerC

Semantic search uses AI to understand intent and return conceptually relevant results.

Why this answer

Semantic search in Azure AI Search uses deep neural networks to understand the intent and context of a query, returning results that are semantically similar even when the wording differs. By enabling semantic search and configuring a semantic configuration, you define which fields are used for summarization and ranking, which directly addresses the requirement for meaning-based matching rather than keyword matching.

Exam trap

The trap here is that candidates often confuse synonym maps (which handle predefined word equivalence) with semantic search (which handles contextual meaning), leading them to choose synonym maps when the question explicitly requires handling of different wording beyond simple synonyms.

How to eliminate wrong answers

Option A is wrong because simple query parsing with searchMode=any only controls how terms are combined (OR logic) and does not provide any semantic understanding or synonym expansion. Option B is wrong because a synonym map expands queries to include predefined equivalent terms, but it cannot handle novel or context-dependent paraphrasing that semantic search can. Option D is wrong because fuzzy search corrects for typos and minor spelling variations by using Levenshtein distance, but it does not capture semantic similarity between different words or phrases.

83
Multi-Selecthard

You are deploying an Azure AI solution that uses multiple services. You need to manage access keys securely. Which TWO methods should you use?

Select 2 answers
A.Use Azure Key Vault to store the keys.
B.Use managed identities for Azure resources where possible.
C.Embed the keys directly in application code.
D.Store keys in Azure App Configuration.
E.Use Key Vault's automatic key rotation feature.
AnswersA, B

Key Vault securely stores secrets like access keys.

Why this answer

Azure Key Vault is the recommended service for securely storing and managing access keys, secrets, and certificates. By storing AI service keys in Key Vault, you centralize secret management, control access via Azure RBAC, and avoid hardcoding credentials in code or configuration files. This aligns with the principle of least privilege and reduces the risk of accidental exposure.

Exam trap

The trap here is that candidates often confuse Azure App Configuration with Azure Key Vault, thinking App Configuration can securely store secrets, but App Configuration is for non-sensitive settings and lacks the dedicated security controls (e.g., hardware security modules, access policies, and audit logging) that Key Vault provides.

84
MCQeasy

Your company is developing an AI-powered document processing solution using Azure AI Document Intelligence. The solution must extract data from scanned PDF forms. The forms are in a custom format not supported by prebuilt models. You have 10,000 labeled forms for training. The solution must be deployed in a region that supports Document Intelligence and must be accessible via a REST API. You need to ensure the solution can process forms with high accuracy. What should you do?

A.Use Azure AI Language to extract entities from the text
B.Train a custom extraction model using the labeled forms
C.Use a prebuilt model and map fields manually
D.Use the Read model and write custom logic to extract fields
AnswerB

Custom model trained on labeled data provides high accuracy.

Why this answer

Option B is correct because Azure AI Document Intelligence supports training custom extraction models using labeled forms, which is essential for handling custom form layouts not covered by prebuilt models. With 10,000 labeled forms, you have sufficient data to train a high-accuracy model that extracts specific fields via the REST API, meeting the deployment and accessibility requirements.

Exam trap

The trap here is that candidates may confuse Azure AI Language's entity extraction with Document Intelligence's form extraction, or assume that a prebuilt model can be adapted via manual mapping, when in reality custom training is mandatory for unsupported formats.

How to eliminate wrong answers

Option A is wrong because Azure AI Language is designed for text analytics and entity extraction from unstructured text, not for structured field extraction from scanned forms, and it cannot learn custom form layouts. Option C is wrong because prebuilt models are designed for standard form types (e.g., invoices, receipts) and cannot be manually mapped to extract fields from a custom format, leading to poor accuracy. Option D is wrong because the Read model only performs OCR (optical character recognition) to extract raw text and layout, requiring custom logic to identify and extract specific fields, which is error-prone and does not leverage the labeled training data for high accuracy.

85
MCQeasy

You are deploying a custom Azure AI Language question answering project. The solution must only answer questions based on a specific set of internal FAQ documents. Which data source type should you use when creating the project?

A.URLs or files containing FAQ content
B.Prebuilt model from Azure AI Language
C.Azure SQL Database with a QnA Maker schema
D.Azure Cognitive Search index
AnswerA

Custom question answering allows URLs or files as data sources.

Why this answer

Option A is correct because Azure AI Language custom question answering is designed to ingest structured FAQ content from URLs or files. When you create a custom project, selecting 'URLs or files containing FAQ content' as the data source type allows the service to automatically extract question-answer pairs from the provided documents, ensuring the solution only answers questions based on that specific set of internal FAQs.

Exam trap

The trap here is that candidates may confuse the data source types for creating a custom project with the broader integration options (like Cognitive Search or SQL), leading them to select a wrong option that is technically possible but not the correct data source type for the initial project creation.

How to eliminate wrong answers

Option B is wrong because a prebuilt model from Azure AI Language is a general-purpose, pretrained model that does not use your specific FAQ documents; it answers based on general knowledge, not your internal content. Option C is wrong because Azure SQL Database with a QnA Maker schema is a legacy approach from the deprecated QnA Maker service; Azure AI Language custom question answering does not support direct ingestion from a SQL database with that schema. Option D is wrong because an Azure Cognitive Search index is a separate search service that can be used as a custom answer source via the 'Custom question answering' feature, but it is not a data source type for creating the project itself; the project creation requires FAQ URLs or files as the initial data source.

86
Drag & Dropmedium

Drag and drop the steps to create a custom question answering project in Azure Language Service into the correct order.

Drag steps to the numbered slots on the right, or tap a step then tap a slot.

Steps
Order

Why this order

First, create the Azure resource. Then access Language Studio, create the project, add QnA pairs, and finally train and deploy.

87
Multi-Selectmedium

Which TWO actions should you take when designing an Azure AI solution that uses Microsoft Foundry to ensure responsible AI practices?

Select 2 answers
A.Implement a human-in-the-loop review for critical decisions
B.Optimize the model for maximum throughput
C.Run an AI fairness assessment on the model
D.Store all training data indefinitely for auditability
E.Remove all explainability metrics to simplify the model
AnswersA, C

Ensures oversight.

Why this answer

Option A and C are correct. Option A is correct because an AI fairness assessment detects bias. Option C is correct because a human-in-the-loop review provides oversight.

Option B is wrong because storing all data indefinitely violates privacy. Option D is wrong because performance is not a responsible AI practice. Option E is wrong because removing all metrics hinders transparency.

88
MCQeasy

You are responsible for managing costs for Azure AI services used by multiple teams. You notice that costs are higher than expected. Which two actions should you take to reduce costs without impacting performance?

A.Set up budgets and alerts in Cost Management.
B.Migrate all services to a higher tier for better performance.
C.Evaluate and choose the appropriate pricing tier based on usage patterns.
D.Deactivate unused resources to save costs.
AnswerA, C

Alerts help prevent cost overruns.

Why this answer

Option A is correct because setting up a budget alert helps monitor spending. Option C is correct because choosing a tier that matches actual usage avoids overpaying. Option B is wrong because it does not reduce costs.

Option D is wrong because deactivating resources would impact performance.

89
Multi-Selecthard

Which TWO Azure AI services can be used to build a conversational AI system that handles multi-turn dialogues with context?

Select 2 answers
A.Azure AI Search
B.Azure AI Language
C.Azure OpenAI Service
D.Azure AI Content Safety
E.Azure AI Bot Service
AnswersB, C

Conversational language understanding supports multi-turn.

Why this answer

Azure AI Language provides conversational language understanding (CLU) capabilities that enable you to build a model capable of understanding multi-turn dialogues by maintaining context across user utterances. Azure OpenAI Service offers advanced language models like GPT-4, which can handle multi-turn conversations with context through prompt engineering and conversation history, making it suitable for building conversational AI systems.

Exam trap

Microsoft often tests the distinction between a platform (Azure AI Bot Service) and the actual AI services that provide the intelligence, leading candidates to mistakenly select Bot Service as a conversational AI service rather than recognizing it as a hosting and orchestration layer.

90
MCQeasy

You are deploying an Azure AI Speech custom voice model. After training, the voice sounds unnatural. Which parameter should you adjust to improve naturalness?

A.Change the audio output format to 48 kHz
B.Increase the speaking rate
C.Increase the training duration
D.Use a different language for the training data
AnswerC

Longer training with more data typically yields more natural voices.

Why this answer

Increasing the training duration (Option C) allows the custom voice model to learn more nuanced prosody, intonation, and phonetic patterns from the training data, directly improving naturalness. Azure AI Speech's custom neural voice (CNV) training uses deep neural networks that benefit from extended epochs to reduce overfitting and enhance voice quality.

Exam trap

The trap here is that candidates confuse output format or speaking rate adjustments with model training parameters, mistakenly believing that post-processing can fix unnaturalness that actually stems from insufficient model convergence.

How to eliminate wrong answers

Option A is wrong because changing the audio output format to 48 kHz affects sample rate and bit depth, not the linguistic or prosodic naturalness of the voice; naturalness is driven by model training, not output encoding. Option B is wrong because increasing the speaking rate artificially speeds up the synthesized speech, which typically makes it sound more robotic and less natural, not more human-like. Option D is wrong because using a different language for training data would mismatch the target language, causing incorrect phoneme mapping and degraded naturalness; the training data language must match the target voice language.

91
MCQmedium

A developer is building a chatbot using Azure Bot Service and Language Understanding (LUIS). The bot needs to handle multiple intents, including 'BookFlight', 'CancelFlight', and 'CheckWeather'. During testing, the bot frequently confuses 'BookFlight' and 'CancelFlight' intents. What is the most effective way to improve intent classification accuracy?

A.Reduce the number of intents by merging similar ones.
B.Increase the confidence threshold for intent predictions.
C.Add more entities to the utterances.
D.Add more varied training utterances for 'BookFlight' and 'CancelFlight' intents.
AnswerD

More diverse training data improves the model's ability to distinguish similar intents.

Why this answer

Adding more varied training utterances for the 'BookFlight' and 'CancelFlight' intents directly addresses the root cause of confusion: insufficient or overlapping training data. LUIS relies on diverse utterance patterns to distinguish between semantically similar intents; increasing the quantity and variety of labeled examples improves the model's ability to learn discriminative features, thereby boosting classification accuracy.

Exam trap

The trap here is that candidates often confuse confidence thresholds with model improvement, thinking that raising the threshold will fix misclassifications, when in reality it only masks the problem by rejecting more utterances instead of improving the model's discriminative power.

How to eliminate wrong answers

Option A is wrong because merging similar intents would reduce the bot's functionality and is not a best practice for improving accuracy—it avoids the problem rather than fixing the model's discrimination. Option B is wrong because increasing the confidence threshold only filters out low-confidence predictions but does not improve the underlying model's ability to distinguish between intents; it may cause more utterances to be misclassified or rejected. Option C is wrong because entities are used to extract specific data from utterances, not to differentiate between intents; adding more entities does not help the model learn which intent an utterance belongs to.

92
MCQhard

You are designing a solution that uses Azure AI Vision to analyze images for moderation. The solution must detect adult content and identify text in images. You need to minimize latency and cost. Which approach should you recommend?

A.Call the Analyze Image API twice: once for adult content and once for OCR
B.Use the Computer Vision 3.2 API with the 'adult' and 'OCR' parameters
C.Call the Analyze Image API with the 'adult' and 'read' visual features
D.Use the Read API for text and the Content Moderator API for adult content
AnswerC

Single call handles both tasks efficiently.

Why this answer

Option C is correct because the Analyze Image API in Azure AI Vision supports multiple visual features in a single call, including 'adult' for adult content detection and 'read' for OCR (text extraction). This minimizes latency by avoiding multiple API calls and reduces cost since you are billed per API call, not per feature.

Exam trap

The trap here is that candidates may think separate API calls or older API versions (like Computer Vision 3.2) are required for different tasks, but the Analyze Image API supports multiple visual features in a single call, which is the most efficient approach.

How to eliminate wrong answers

Option A is wrong because calling the Analyze Image API twice doubles both latency and cost, as each call incurs a separate charge and network round-trip. Option B is wrong because the Computer Vision 3.2 API does not support an 'OCR' parameter; OCR is handled via the 'read' visual feature in the Analyze Image API or the dedicated Read API. Option D is wrong because using separate APIs (Read API for text and Content Moderator API for adult content) increases latency and cost due to multiple calls, and the Content Moderator API is a separate service that is not optimized for the same single-call efficiency as the Analyze Image API.

93
MCQmedium

A company uses Azure AI Search to index product catalogs. The search must support multilingual queries and return results in the user's language. What should you configure?

A.Assign appropriate language analyzers to fields
B.Create synonym maps for each language
C.Configure scoring profiles based on language
D.Enable semantic search
AnswerA

Language analyzers handle language-specific tokenization and stemming.

Why this answer

Azure AI Search allows you to assign language-specific analyzers (e.g., Microsoft English, French, Arabic) to individual fields in the index. When a query is submitted, the search engine uses the analyzer associated with the field to tokenize and normalize the text according to the linguistic rules of that language, enabling accurate multilingual search and returning results in the user's language.

Exam trap

The trap here is that candidates confuse semantic search (which improves relevance via deep learning) with language-specific analysis, not realizing that semantic search still requires language analyzers for proper tokenization and stemming in multilingual scenarios.

How to eliminate wrong answers

Option B is wrong because synonym maps expand query terms to include equivalent terms (e.g., 'car' and 'automobile') but do not handle language-specific tokenization, stemming, or normalization required for multilingual search. Option C is wrong because scoring profiles boost results based on metadata like freshness or field weight, not on language detection or linguistic processing. Option D is wrong because semantic search improves relevance by understanding intent and context (using L2 re-ranking) but does not inherently support multilingual analysis; it still relies on language analyzers for tokenization.

94
MCQmedium

A company is building a custom question-answering solution using Azure AI Language. They need to ensure that the model can provide answers from a set of internal documents, but only to authenticated users from the company's Azure Active Directory tenant. The solution should minimize latency and cost. Which deployment option should the team choose?

A.Deploy a custom question-answering model using a dedicated Azure AI Language resource with a private endpoint and managed identity.
B.Use the public endpoint of Azure AI Language with Azure AD token-based authentication.
C.Deploy a serverless endpoint with Azure Functions and Azure Cognitive Search.
D.Use the prebuilt question-answering model from Azure AI Language with a custom answer list.
AnswerA

This provides secure access via private endpoint and managed identity, and dedicated resources ensure low latency and predictable cost.

Why this answer

Option A is correct because deploying a custom question-answering model with a dedicated Azure AI Language resource, a private endpoint, and managed identity ensures that only authenticated users from the company's Azure AD tenant can access the solution via private network connectivity, minimizing latency by avoiding public internet routing and reducing cost by using a dedicated (not serverless) resource that can be right-sized.

Exam trap

The trap here is that candidates often assume Azure AD token-based authentication alone is sufficient for security, overlooking that a public endpoint still exposes the service to internet-based attacks and latency, while private endpoints are required for true network isolation.

How to eliminate wrong answers

Option B is wrong because using the public endpoint with Azure AD token-based authentication still exposes the endpoint to the public internet, increasing latency and security risk, and does not meet the requirement for private access. Option C is wrong because deploying a serverless endpoint with Azure Functions and Azure Cognitive Search introduces additional components and cold-start latency, increasing cost and complexity without providing the native private endpoint and managed identity integration of Azure AI Language. Option D is wrong because the prebuilt question-answering model cannot be customized to answer from a specific set of internal documents; it only provides general answers from a predefined knowledge base, and custom answer lists are limited to static Q&A pairs, not document-based retrieval.

95
Multi-Selectmedium

Which TWO actions should you take to ensure compliance with data privacy regulations when using Azure AI Language to process customer support transcripts that contain personally identifiable information (PII)?

Select 2 answers
A.Disable diagnostic logging for the resource.
B.Use customer-managed keys (CMK) for encryption.
C.Apply Azure AI Content Safety filters to anonymize personal data.
D.Enable PII detection and redaction in the Azure AI Language service.
E.Configure data residency by selecting the appropriate Azure region.
AnswersD, E

PII detection identifies and redacts sensitive information.

Why this answer

Option D is correct because Azure AI Language's PII detection and redaction feature is specifically designed to identify and mask personally identifiable information (PII) in text, such as names, addresses, and social security numbers, directly within the service. This built-in capability ensures that sensitive data is removed or obfuscated before storage or further processing, directly supporting compliance with data privacy regulations like GDPR or HIPAA.

Exam trap

The trap here is that candidates often confuse data encryption (Option B) with data anonymization or redaction, assuming that encrypting the data at rest or in transit is sufficient for privacy compliance, whereas regulations like GDPR require active masking or removal of PII from the content itself, not just cryptographic protection.

96
MCQeasy

You need to provide a team of developers with access to manage Azure AI resources in a specific resource group. The developers should be able to create, read, update, and delete AI resources, but not manage access control (IAM). Which built-in role should you assign?

A.Cognitive Services Contributor
B.Owner
C.Reader
D.Contributor
AnswerD

Contributor allows create/read/update/delete but not IAM.

Why this answer

The Contributor role grants full access to manage all resources within a resource group, including creating, reading, updating, and deleting Azure AI resources, but explicitly denies the ability to manage access control (IAM). This matches the requirement exactly, as developers need full resource management without IAM permissions.

Exam trap

The trap here is that candidates often confuse the Contributor role with the Cognitive Services Contributor role, mistakenly thinking the latter provides broader resource group-level management, when in fact it is limited to Cognitive Services resources only.

How to eliminate wrong answers

Option A is wrong because Cognitive Services Contributor is a built-in role that provides full access to Azure Cognitive Services resources, but it is scoped to the Cognitive Services resource level and does not grant the ability to manage other AI resource types (e.g., Azure Machine Learning, Azure Bot Service) within the resource group. Option B is wrong because the Owner role grants full access to all resources, including the ability to manage access control (IAM), which violates the requirement that developers should not manage IAM. Option C is wrong because the Reader role only allows read-only access to resources; it does not permit create, update, or delete operations.

97
Matchingmedium

Match each Azure AI scenario to the appropriate service.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Computer Vision

Speech Translation

Form Recognizer

Text Analytics

QnA Maker

Why these pairings

These are typical use cases for Azure AI services.

98
Multi-Selecthard

You are planning an Azure AI solution that processes sensitive customer data. Compliance requires encryption at rest using a customer-managed key (CMK) stored in Azure Key Vault. The AI resource must also be accessible only from specific virtual networks. Which two configurations are necessary? (Choose two.)

Select 2 answers
A.Assign a system-assigned managed identity to the Azure AI service.
B.Deploy Azure Firewall to inspect outbound traffic.
C.Enable customer-managed key encryption for the Azure AI service.
D.Enable public network access from selected IP addresses.
E.Configure private endpoints for the Azure AI service.
AnswersC, E

CMK is needed for encryption at rest with customer control.

Why this answer

This is a multi-select question requiring two correct answers. Option A is correct because CMK support is required for encryption at rest. Option C is correct because private endpoints enable network isolation.

Option B is incorrect because managed identity is not required for network access. Option D is incorrect because Azure Firewall is not required. Option E is incorrect because public network access must be disabled, not allowed.

99
MCQmedium

Your organization is migrating on-premises machine learning models to Azure. The models are used for real-time inference. You need to choose a service that provides managed endpoints with autoscaling and supports custom containers. Which service should you use?

A.Azure Machine Learning managed online endpoints
B.Azure Functions
C.Azure Kubernetes Service (AKS) with manual scaling
D.Azure AI Services custom vision
AnswerA

Supports custom containers, autoscaling, and managed infrastructure.

Why this answer

Azure Machine Learning managed online endpoints are the correct choice because they provide fully managed, autoscaling endpoints specifically designed for real-time inference. They support custom container images, allowing you to deploy any model packaged as a Docker container, and handle traffic splitting, health checks, and scaling automatically without managing underlying infrastructure.

Exam trap

The trap here is that candidates often confuse Azure Kubernetes Service (AKS) as the only option for custom containers, overlooking that Azure Machine Learning managed endpoints natively support custom containers with autoscaling, eliminating the operational burden of managing a Kubernetes cluster.

How to eliminate wrong answers

Option B (Azure Functions) is wrong because Azure Functions is a serverless compute service for event-driven, short-lived tasks, not optimized for real-time ML inference with custom containers; it lacks native autoscaling for ML workloads and does not provide managed endpoints with traffic splitting or model versioning. Option C (Azure Kubernetes Service with manual scaling) is wrong because while AKS can host custom containers, the requirement specifies 'managed endpoints with autoscaling'—manual scaling contradicts autoscaling, and AKS requires significant cluster management overhead, unlike the fully managed endpoint service. Option D (Azure AI Services custom vision) is wrong because Custom Vision is a pre-built AI service for image classification and object detection, not a general-purpose platform for deploying custom ML models with custom containers; it does not support arbitrary custom containers or managed endpoints for real-time inference.

100
MCQeasy

Your company uses Azure OpenAI Service to generate marketing content. You need to ensure that the generated content does not contain offensive language. Which feature should you enable?

A.Azure AI Content Safety filters.
B.Audit logging for all API calls.
C.Data encryption at rest.
D.Rate limiting on the endpoint.
AnswerA

Content Safety filters can block offensive language.

Why this answer

Azure AI Content Safety filters are specifically designed to detect and block offensive, inappropriate, or harmful language in text and images. By enabling these filters on your Azure OpenAI Service deployment, you can configure severity thresholds for categories like hate, self-harm, sexual, and violence content, ensuring generated marketing content meets safety policies.

Exam trap

The trap here is that candidates confuse operational features like logging or rate limiting with content moderation, assuming any security-related setting can filter offensive language, when only Azure AI Content Safety provides the specific content filtering capability.

How to eliminate wrong answers

Option B is wrong because audit logging records API calls for monitoring and compliance but does not actively filter or block offensive content in responses. Option C is wrong because data encryption at rest protects stored data from unauthorized access but has no role in analyzing or moderating generated text for offensive language. Option D is wrong because rate limiting controls the number of requests per time period to prevent abuse or overload, not to inspect or filter the content of responses.

101
MCQhard

Refer to the exhibit. You are testing a conversational language understanding (CLU) application in Azure AI Language. You send the JSON request to the prediction endpoint and receive a 200 response but with an empty topIntent. What is the most likely cause?

A.The projectName or deploymentName is incorrect.
B.The conversationItem is missing a required 'role' field.
C.The language parameter is not supported.
D.The utterance text is too short.
AnswerB

The 'role' field indicates who is speaking and is required for correct classification.

Why this answer

B is correct because the JSON request for a conversational language understanding (CLU) application requires a 'role' field within the 'conversationItem' object when using the conversation analysis endpoint. Without this field, the service cannot properly interpret the utterance's context (e.g., user vs. system role), leading to a successful HTTP 200 response but an empty 'topIntent' as the model fails to classify the intent.

Exam trap

The trap here is that candidates assume a 200 status code means the request was fully valid, overlooking that CLU can return a successful HTTP response with an empty topIntent when required schema fields like 'role' are missing, rather than throwing an explicit error.

How to eliminate wrong answers

Option A is wrong because an incorrect projectName or deploymentName would result in a 404 (Not Found) or 401 (Unauthorized) error, not a 200 response with an empty topIntent. Option C is wrong because an unsupported language parameter would cause a 400 (Bad Request) error with a specific error message, not a successful 200 response. Option D is wrong because the utterance text being too short does not prevent intent classification; CLU can handle short utterances, and the model would still return a topIntent (even if low confidence) rather than an empty value.

102
MCQmedium

Refer to the exhibit. You are implementing an Azure AI Search index for semantic search with vector support. The index includes a field 'descriptionVector' of type Collection(Edm.Single) with 1536 dimensions. When you run a vector search query, you notice that results are not sorted by relevance. What is the most likely cause?

A.The 'descriptionVector' field is not searchable
B.The vector dimensions do not match the embedding model output
C.The index does not have a vector configuration with a similarity metric
D.The 'descriptionVector' field is set as retrievable: false
AnswerC

Vector search requires a vector profile to compute similarity.

Why this answer

Option C is correct because Azure AI Search requires a vector configuration with a similarity metric (e.g., cosine, dotProduct, euclidean) to compute relevance scores for vector search results. Without this configuration, the search engine cannot sort results by relevance, leading to unsorted or default ordering. The similarity metric is defined in the index's vector configuration and is essential for ranking vector query results.

Exam trap

The trap here is that candidates often confuse field attributes (searchable, retrievable) with the vector-specific configuration required for similarity scoring, leading them to pick options A or D instead of recognizing the missing vector configuration.

How to eliminate wrong answers

Option A is wrong because the 'searchable' attribute is not applicable to vector fields; vector fields are inherently searchable via vector queries, and setting them as searchable is not required for relevance sorting. Option B is wrong because mismatched vector dimensions would cause query failures or errors, not unsorted results; the question states the query runs but results are not sorted by relevance. Option D is wrong because the 'retrievable' attribute controls whether field values are returned in search results, not how results are sorted; setting it to false would omit the field from output but not affect relevance sorting.

103
MCQmedium

You are deploying a custom question-answering solution using Azure AI Language. The solution must support multiple languages and provide answers from a set of FAQ documents. You need to ensure that the service can handle up to 1000 requests per minute with low latency. What should you configure?

A.Use Azure AI Search with a basic tier and replicas.
B.Use the Standard tier and allocate 10 capacity units (CUs).
C.Use the Free tier and enable autoscaling.
D.Deploy a dedicated endpoint with provisioned throughput of 1000 TPS.
AnswerB

Standard tier with CUs provides the required throughput.

Why this answer

Option B is correct because Azure AI Language's custom question-answering feature uses a Standard tier with capacity units (CUs) to handle throughput and latency. Each CU provides a baseline of 100 requests per minute (RPM), so 10 CUs deliver exactly 1000 RPM, meeting the requirement. The Standard tier also supports multiple languages and low-latency responses from FAQ documents.

Exam trap

The trap here is confusing throughput units (requests per minute vs. per second) and assuming that Azure AI Search replicas or provisioned TPS from other services apply to Azure AI Language custom question-answering, when the correct scaling mechanism is capacity units (CUs) on the Standard tier.

How to eliminate wrong answers

Option A is wrong because Azure AI Search with a basic tier and replicas is designed for indexing and search, not for the managed question-answering runtime of Azure AI Language; replicas improve search query throughput but do not directly control the custom QA endpoint's request rate or latency. Option C is wrong because the Free tier is limited to 3 transactions per minute and cannot scale to 1000 requests per minute, and autoscaling is not available on the Free tier. Option D is wrong because provisioned throughput of 1000 TPS (transactions per second) is a concept for Azure OpenAI or dedicated endpoints in other services, not for Azure AI Language custom question-answering, which uses capacity units (CUs) measured in requests per minute, not per second.

104
Multi-Selectmedium

Which TWO Azure AI services can be used together to build a solution that transcribes customer service calls and detects sentiment?

Select 2 answers
A.Azure AI Language (sentiment analysis)
B.Azure AI Speech (speech-to-text)
C.Azure AI Translator
D.Azure AI Speech (text-to-speech)
E.Azure AI Language (conversational language understanding)
AnswersA, B

Analyzes sentiment from text.

Why this answer

Azure AI Speech's speech-to-text capability transcribes the audio of customer service calls into text, while Azure AI Language's sentiment analysis evaluates that text to determine the overall sentiment (e.g., positive, negative, or neutral). Together, they form a complete pipeline for analyzing call recordings. Option A is correct because sentiment analysis is the specific feature within Azure AI Language that detects sentiment from text.

Option B is correct because speech-to-text is the specific feature within Azure AI Speech that converts audio to text.

Exam trap

The trap here is that candidates may confuse Azure AI Speech's text-to-speech with speech-to-text, or mistakenly think Azure AI Translator or conversational language understanding can perform sentiment analysis, when in fact only the specific sentiment analysis feature of Azure AI Language is designed for that task.

105
MCQhard

You deployed a custom neural voice in Azure AI Speech. The model generates poor prosody for long sentences. What should you do?

A.Re-record the training audio at 24 kHz sample rate.
B.Switch to a prebuilt neural voice.
C.Increase the number of training scripts.
D.Use SSML tags to control prosody at runtime.
AnswerA

High-quality audio is essential for learning natural prosody.

Why this answer

A custom neural voice model requires high-quality training data. A 24 kHz sample rate is the standard for Azure AI Speech's neural voices, as it captures the full frequency range needed for natural prosody. Re-recording at this rate ensures the model learns proper intonation and rhythm for long sentences, directly addressing the poor prosody issue.

Exam trap

The trap here is that candidates may think runtime SSML tags (Option D) can fix poor prosody, but the question specifies the model generates poor prosody, indicating a training data quality issue that SSML cannot correct.

How to eliminate wrong answers

Option B is wrong because switching to a prebuilt neural voice does not fix the custom model's training data quality issue; it only replaces the model entirely, which may not meet custom voice requirements. Option C is wrong because increasing the number of training scripts does not improve prosody if the existing audio quality (e.g., sample rate) is inadequate; more low-quality data does not help. Option D is wrong because SSML tags control prosody at runtime but do not address the root cause of poor prosody in the trained model; they are a workaround, not a fix for training data deficiencies.

106
MCQhard

You are designing a solution that uses Azure AI Translator to translate documents in real-time. The solution must handle up to 10,000 characters per request and must be cost-effective. Which pricing tier should you select?

A.F0 (Free)
B.S1 (Standard)
C.D3 (Volume)
D.S2 (Standard)
AnswerB

S1 supports up to 10,000 characters per request at standard cost.

Why this answer

The S1 (Standard) tier is correct because it supports up to 10,000 characters per request for real-time document translation, which meets the requirement, and it is the most cost-effective paid tier for this workload. The Free tier (F0) has a limit of 5,000 characters per request and is not suitable for production use, while higher tiers like S2 and D3 are unnecessary and more expensive for this character limit.

Exam trap

The trap here is that candidates often confuse the character-per-request limit with the total monthly character allowance, leading them to incorrectly select the Free tier (F0) for small workloads without realizing its 5,000-character per request cap is insufficient for the stated requirement.

How to eliminate wrong answers

Option A is wrong because the F0 (Free) tier has a maximum of 5,000 characters per request, which is insufficient for handling 10,000 characters per request, and it is intended only for evaluation and non-production use. Option C is wrong because the D3 (Volume) tier is designed for high-volume translation with discounted per-character pricing but is not cost-effective for the specified 10,000-character limit, as it requires a commitment to large monthly volumes and has a higher base cost. Option D is wrong because the S2 (Standard) tier supports the same 10,000-character limit as S1 but at a higher per-character cost, making it less cost-effective for this requirement.

107
MCQmedium

Refer to the exhibit. You are using Azure OpenAI to build a trivia bot. The bot responds correctly to simple questions but sometimes gives overly verbose or off-topic answers. Which parameter should you adjust to make responses more focused?

A.Increase temperature
B.Decrease top_p
C.Increase max_tokens
D.Decrease max_tokens
E.Decrease temperature
AnswerE

Lower temperature makes the model more deterministic and focused.

Why this answer

Decreasing the temperature parameter reduces the randomness of the model's output, making it more deterministic and focused. For a trivia bot that gives overly verbose or off-topic answers, lowering temperature (e.g., from 0.7 to 0.3) forces the model to choose higher-probability tokens, which typically correspond to more concise and relevant responses.

Exam trap

Microsoft often tests the misconception that max_tokens controls response focus, but candidates must understand that max_tokens only limits length, not content relevance, while temperature directly influences the model's creativity and adherence to the prompt.

How to eliminate wrong answers

Option A is wrong because increasing temperature would increase randomness, making responses even more verbose and off-topic. Option B is wrong because decreasing top_p (nucleus sampling) can also reduce diversity but is not the primary parameter for controlling focus; it cuts off low-probability tokens, which may help but is less direct than temperature for this symptom. Option C is wrong because increasing max_tokens would allow longer responses, exacerbating verbosity.

Option D is wrong because decreasing max_tokens truncates the output length but does not address the core issue of off-topic content; the model may still produce irrelevant text within the shorter limit.

108
MCQmedium

You see the exhibit in an Azure AI Search skillset definition. The custom skill is not executing as expected. What is the most likely cause?

A.The skill is missing the 'uri' property to specify the endpoint
B.The input source path is incorrect
C.The JSON is malformed and will not parse
D.The type should be 'Microsoft.Skills.Custom.WebApiSkill' with dots
AnswerA

A custom web API skill must include 'uri' for the function URL.

Why this answer

The custom skill is not executing because the 'uri' property, which specifies the endpoint URL for the web API, is missing from the skill definition. Azure AI Search requires this property to route requests to the external service; without it, the skill cannot be invoked and will fail silently or return errors.

Exam trap

The trap here is that candidates often focus on input/output paths or syntax errors, overlooking the fact that the 'uri' property is a required field for custom WebApiSkills, and its absence is a common oversight in skillset definitions.

How to eliminate wrong answers

Option B is wrong because an incorrect input source path would cause a different symptom—such as missing or null data being passed to the skill—but the skill would still attempt execution; the core issue here is the missing endpoint. Option C is wrong because if the JSON were malformed, the skillset definition would fail to parse entirely during creation or update, not just cause the skill to not execute. Option D is wrong because the type 'Microsoft.Skills.Custom.WebApiSkill' is the correct and required format for a custom web API skill in Azure AI Search; using dots is standard and not a problem.

109
MCQmedium

You are deploying an Azure AI Search solution that indexes customer support tickets. The solution must support fuzzy search for misspelled keywords and boost results from premium customers. Which two features should you configure?

A.Scoring profiles
B.Synonym maps
C.Suggesters
D.Custom analyzers
E.Fuzzy search parameters
AnswerA, E

Scoring profiles allow boosting based on fields like customer tier.

Why this answer

Scoring profiles allow you to boost search results based on specific criteria, such as customer tier, by assigning higher weights to certain fields or adding functions that increase scores for premium customers. This directly supports the requirement to prioritize results from premium customers.

Exam trap

The trap here is that candidates often confuse fuzzy search parameters with custom analyzers or synonym maps, but fuzzy search is a query-time parameter (e.g., searchMode=any&fuzzy=true) that does not require index-level configuration, while scoring profiles are the correct mechanism for boosting results.

How to eliminate wrong answers

Option B is wrong because synonym maps expand queries to include equivalent terms but do not handle misspellings or boost results by customer tier. Option C is wrong because suggesters enable autocomplete and search-as-you-type suggestions, not fuzzy matching or scoring boosts. Option D is wrong because custom analyzers define tokenization and text normalization rules but do not provide built-in fuzzy search parameters or scoring profile boosts.

110
MCQeasy

A healthcare organization uses Azure AI Language to extract medical entities from clinical notes. The solution must comply with HIPAA. What should you configure?

A.Use Azure AI Language with HIPAA-enabled service and enable encryption
B.Configure data residency to a specific region
C.Enable content filtering
D.Isolate the service in a virtual network
AnswerA

Azure AI Language offers HIPAA-compliant tiers with data encryption.

Why this answer

Option A is correct because Azure AI Language can be configured with a HIPAA-eligible service tier, and enabling encryption at rest and in transit ensures compliance with HIPAA's security and privacy rules. This configuration meets the healthcare organization's requirement to protect protected health information (PHI) when extracting medical entities from clinical notes.

Exam trap

The trap here is that candidates often confuse network isolation (VNet) or data residency with HIPAA compliance, not realizing that HIPAA mandates specific encryption and a signed BAA, which are only available with a HIPAA-eligible service tier.

How to eliminate wrong answers

Option B is wrong because configuring data residency to a specific region addresses data sovereignty but does not by itself ensure HIPAA compliance, which requires additional safeguards like encryption and access controls. Option C is wrong because content filtering in Azure AI Language is designed to block offensive or harmful content, not to enforce HIPAA compliance or protect PHI. Option D is wrong because isolating the service in a virtual network (VNet) provides network-level security but does not automatically meet HIPAA requirements; encryption and a HIPAA-eligible service tier are still necessary.

111
MCQhard

Refer to the exhibit. You are reviewing a content safety policy for an Azure AI Foundry deployment. The policy rate limits to 20 requests per minute. A user submits 50 requests in one minute. How many requests are allowed?

A.20
B.50
C.100
D.None, all are blocked.
AnswerA

The rate limit policy sets 20 requests per minute.

Why this answer

The content safety policy enforces a rate limit of 20 requests per minute. When a user submits 50 requests in one minute, the rate limiter allows only the first 20 requests and blocks the remaining 30. This is a standard token-bucket or sliding-window rate-limiting behavior in Azure AI Foundry, where exceeding the limit results in HTTP 429 (Too Many Requests) for excess requests.

Exam trap

Microsoft often tests the misconception that exceeding a rate limit blocks all requests, when in fact the limit is a threshold that allows the first N requests and denies the rest.

How to eliminate wrong answers

Option B is wrong because it assumes all 50 requests are allowed, ignoring the explicit rate limit of 20 per minute. Option C is wrong because 100 is not related to any limit in the policy; it may confuse the rate limit with a burst or quota value. Option D is wrong because the policy does not block all requests; it allows up to the limit (20) and then blocks the excess.

112
Multi-Selecteasy

You are developing an Azure AI solution that uses pre-built models from Azure AI Vision to analyze images. The solution must be able to detect objects and read printed text. Which TWO capabilities should you use?

Select 2 answers
A.OCR (legacy)
B.Facial detection
C.Object detection
D.Image tagging
E.Read (OCR)
AnswersC, E

Detects objects in images.

Why this answer

Option C is correct because Azure AI Vision's Object Detection capability identifies and locates objects within an image, returning bounding box coordinates and labels. This directly meets the requirement to 'detect objects' in the solution.

Exam trap

The trap here is that candidates often confuse Image Tagging (which only provides labels) with Object Detection (which provides both labels and spatial localization), and may mistakenly choose the legacy OCR API instead of the modern Read API for text extraction.

113
Multi-Selecthard

Which THREE considerations are important when planning to use Azure OpenAI Service in a production environment?

Select 3 answers
A.Configure content filtering to block harmful outputs
B.Train a custom model from scratch using your own data
C.Plan for rate limits and quotas to handle expected load
D.Determine data residency requirements for your region
E.Deploy the service within a virtual network (VNet)
AnswersA, C, D

Required for responsible use.

Why this answer

Option A is correct because Azure OpenAI Service includes built-in content filtering to detect and block harmful outputs such as hate, violence, or self-harm. This is a critical safety and compliance requirement for production deployments, as it helps meet responsible AI principles and regulatory obligations. Without configuring content filters, the service could generate inappropriate responses that violate usage policies or legal standards.

Exam trap

Microsoft often tests the misconception that Azure OpenAI Service allows training models from scratch, but the service only supports fine-tuning of pre-trained base models, not full custom training.

114
MCQhard

Your company uses Azure OpenAI Service to generate product descriptions. You need to ensure that the generated content does not include offensive language and adheres to responsible AI principles. What should you implement?

A.Enable customer-managed key encryption
B.Configure content filters in Azure OpenAI
C.Fine-tune the model with a curated dataset
D.Set usage limits and throttling
AnswerB

Content filters block offensive language and support responsible AI.

Why this answer

Content filters in Azure OpenAI allow you to define categories (e.g., hate, violence, self-harm) and severity levels (low, medium, high) to automatically block or flag offensive language in generated outputs. This directly enforces responsible AI principles by preventing harmful content from being surfaced to users, without requiring model retraining or encryption changes.

Exam trap

The trap here is that candidates often confuse data security controls (like encryption or throttling) with content safety controls, assuming any 'security' feature can filter offensive language, when in fact only purpose-built content filters can analyze and block harmful text in real time.

How to eliminate wrong answers

Option A is wrong because customer-managed key encryption (CMK) protects data at rest but does not inspect or filter the semantic content of model outputs for offensive language. Option C is wrong because fine-tuning with a curated dataset can reduce but not guarantee the absence of offensive outputs; it cannot dynamically block real-time content violations and requires ongoing dataset maintenance. Option D is wrong because usage limits and throttling control API request rates and quotas, not the quality or safety of the generated text.

115
MCQmedium

You are planning a multi-region deployment of Azure AI services to ensure high availability and low latency for global users. You need to decide how to manage API keys and endpoint URLs across regions. What is the recommended approach?

A.Create separate Azure AI services resources per region and hardcode the keys in application configuration.
B.Create a single Azure AI services resource in one region and share the key across all applications.
C.Use Azure API Management to expose a single endpoint that routes to regional Azure AI services resources, each with its own key stored in Key Vault.
D.Use Microsoft Entra ID authentication with managed identities and have each application call the region-specific endpoint directly.
AnswerC

API Management provides routing, failover, and key management.

Why this answer

Option C is correct because it combines Azure API Management as a unified gateway with regional Azure AI Services resources, each secured by individual keys stored in Azure Key Vault. This architecture provides global load balancing, regional failover, and centralized key management without exposing keys in application code. API Management can route requests based on latency or geography, ensuring high availability and low latency while Key Vault rotates keys securely.

Exam trap

The trap here is that candidates often assume a single global resource or direct regional calls are sufficient, overlooking the need for a centralized gateway like API Management to handle routing, failover, and key management at scale.

How to eliminate wrong answers

Option A is wrong because hardcoding keys in application configuration violates security best practices (keys can be exposed in source control or logs) and requires manual updates per region for key rotation or failover, undermining operational efficiency. Option B is wrong because a single resource in one region creates a single point of failure and introduces cross-region latency for users far from that region, violating the high-availability and low-latency requirements. Option D is wrong because while Microsoft Entra ID with managed identities is secure, calling region-specific endpoints directly requires the application to manage regional routing logic and failover itself, adding complexity and defeating the purpose of a unified gateway for global load balancing.

116
MCQeasy

You are designing an Azure AI solution that uses Azure AI Language to analyze customer support transcripts. The solution must identify key phrases, detect sentiment, and extract custom entities specific to your product catalog. Which two Azure AI Language features should you enable?

A.PII Detection
B.Key Phrase Extraction
C.Summarization
D.Custom Entity Extraction
AnswerB, D

Extracts key topics and terms from text.

Why this answer

Key Phrase Extraction (Option B) is correct because it identifies the main points and important terms in customer support transcripts, such as 'refund request' or 'account issue,' which directly supports analyzing the content. Custom Entity Extraction (Option D) is correct because it allows you to define and extract domain-specific entities from your product catalog, such as product names or model numbers, using a trained custom entity extraction model. Together, these two features enable both general insight extraction and tailored, product-specific data extraction from the transcripts.

Exam trap

Microsoft often tests the distinction between pre-built features (like Key Phrase Extraction) and custom features (like Custom Entity Extraction), and the trap here is that candidates may incorrectly choose Summarization or PII Detection because they sound relevant to 'analyzing transcripts,' but they do not fulfill the specific requirements of key phrase identification and custom entity extraction.

How to eliminate wrong answers

Option A is wrong because PII Detection is designed to identify and redact personally identifiable information (e.g., names, phone numbers, credit card numbers) for privacy compliance, not to analyze key phrases or extract custom product entities. Option C is wrong because Summarization generates a concise summary of the transcript's main points, which is useful for overview but does not perform key phrase identification or custom entity extraction as required by the question.

117
MCQeasy

You run the above Azure CLI command. What is the expected output?

A.The primary and secondary keys along with the endpoint
B.The primary and secondary keys
C.A list of endpoints for the service
D.An error because the command is incorrect
AnswerA, B

The command returns keys; the endpoint is not included in the output of this command.

Why this answer

The Azure CLI command `az cognitiveservices account keys list` retrieves the API keys for a Cognitive Services account. By default, this command returns both the primary and secondary keys, but does not include the endpoint URL. The endpoint must be retrieved separately using `az cognitiveservices account show`.

Therefore, the expected output is only the primary and secondary keys, not the endpoint.

Exam trap

The trap here is that candidates often assume the `keys list` command also returns the endpoint, confusing it with the `show` command that returns the full resource properties including the endpoint.

How to eliminate wrong answers

Option A is wrong because the command does not return the endpoint; it only returns the keys. Option C is wrong because the command returns keys, not a list of endpoints. Option D is wrong because the command is syntactically correct and will execute successfully.

118
MCQeasy

You are deploying a real-time translation service using Azure AI Translator. The solution must support automatic language detection and translation for customer chat conversations. Which pricing tier should you select to minimize costs while meeting the requirement?

A.Free (F0)
B.Standard S3
C.Standard S2
D.Standard S1
AnswerD

S1 provides real-time translation with language detection at moderate cost.

Why this answer

The Standard S1 tier (D) is correct because it provides up to 1 million characters per month for translation and language detection, which is sufficient for typical customer chat workloads. The Free tier (F0) is limited to 2,000 characters per request and 2 million characters per month, which may be insufficient for production chat volumes. Higher tiers (S2, S3) offer increased throughput and character limits but incur higher costs, making S1 the most cost-effective choice that meets the requirement.

Exam trap

The trap here is that candidates often assume the Free tier is sufficient for production workloads, overlooking its strict character and throughput limits, or they choose a higher tier like S2 or S3 thinking more capacity is always better, without considering cost optimization for the actual workload.

How to eliminate wrong answers

Option A is wrong because the Free tier (F0) has a maximum throughput of 2,000 characters per request and a monthly cap of 2 million characters, which is too restrictive for real-time customer chat conversations that may involve high volume or burst traffic. Option B is wrong because Standard S3 offers up to 1 billion characters per month and higher throughput, which is overprovisioned and unnecessarily expensive for a typical chat translation service. Option C is wrong because Standard S2 provides up to 10 million characters per month, which exceeds the needs of most chat workloads and results in higher costs than S1 without additional benefit for this scenario.

119
Multi-Selectmedium

Which TWO Azure services can be used to monitor and analyze the usage costs of an Azure AI solution that includes multiple Cognitive Services accounts?

Select 2 answers
A.Azure Service Health
B.Azure Policy
C.Azure Cost Management + Billing
D.Azure Advisor
E.Azure Monitor metrics and logs
AnswersC, E

Provides cost analysis, budgets, and alerts.

Why this answer

Azure Cost Management + Billing (C) provides native tools to track, analyze, and optimize cloud spending across all Azure services, including multiple Cognitive Services accounts. It allows you to break down costs by resource, resource group, or tag, and set budgets with alerts. Azure Monitor metrics and logs (E) can capture custom metrics and diagnostic logs from Cognitive Services, enabling you to correlate usage patterns with cost data for deeper analysis.

Exam trap

The trap here is that candidates often confuse Azure Advisor's cost recommendations with actual cost monitoring, or mistakenly think Azure Service Health covers billing issues, when in fact only Cost Management + Billing and Azure Monitor provide the direct data needed for usage cost analysis.

120
MCQhard

Your company uses Azure AI Language to analyze customer feedback. The solution currently uses the default endpoint and key. Security policy requires that all API calls be authenticated using Microsoft Entra ID and that network access be restricted to a specific virtual network. You need to reconfigure the resource. What should you do?

A.Disable local authentication, enable managed identity, and configure the virtual network
B.Regenerate the API keys and update the application
C.Create a private endpoint for the resource
D.Configure the resource to use Microsoft Entra ID authentication only
AnswerA

Managed identity uses Microsoft Entra ID, and VNet integration restricts network access.

Why this answer

Option A is correct because it addresses both security requirements: disabling local authentication ensures that API keys cannot be used, forcing all calls to authenticate via Microsoft Entra ID; enabling a managed identity provides a secure identity for the resource to authenticate with Entra ID; and configuring the virtual network restricts network access to the specified VNet, meeting the network restriction policy.

Exam trap

The trap here is that candidates often confuse 'private endpoint' (which only handles network isolation) with the combined requirement of authentication and network access, leading them to select Option C without realizing that local authentication must also be disabled.

How to eliminate wrong answers

Option B is wrong because regenerating API keys and updating the application still relies on local authentication (API keys), which does not satisfy the requirement to use Microsoft Entra ID for authentication. Option C is wrong because creating a private endpoint only restricts network access to a virtual network (via a private IP), but it does not disable local authentication or enforce Microsoft Entra ID authentication; API keys would still be accepted. Option D is wrong because configuring the resource to use Microsoft Entra ID authentication only (via the 'Authentication type' setting) disables local authentication but does not restrict network access to a specific virtual network; network-level controls must be configured separately.

121
MCQhard

You are designing a solution that uses Azure AI Document Intelligence to extract data from invoices. The invoices are in various formats (PDF, TIFF, and JPEG) and languages. You need to ensure high accuracy for extraction. Which approach should you take?

A.Use the prebuilt invoice model and configure language detection.
B.Use Azure AI Vision OCR to extract all text and then parse using regular expressions.
C.Convert all invoices to a single format (e.g., PDF) before processing.
D.Use a custom extraction model trained on a sample set of invoices covering all formats and languages.
AnswerD

Custom models adapt to specific variations.

Why this answer

Option D is correct because Azure AI Document Intelligence’s custom extraction models are trained on your specific invoice samples, enabling the model to learn the unique layouts, fields, and languages present across PDF, TIFF, and JPEG formats. This approach directly addresses the need for high accuracy on varied formats and languages, as the model adapts to the exact patterns in your data rather than relying on a generic prebuilt model or brittle post-processing.

Exam trap

The trap here is that candidates assume the prebuilt invoice model (Option A) is always the best choice for invoices, but the question explicitly requires high accuracy across varied formats and languages, which demands a custom model tailored to the specific data.

How to eliminate wrong answers

Option A is wrong because the prebuilt invoice model supports a fixed set of fields and languages; while language detection can be configured, the model may not achieve high accuracy for invoices with non-standard layouts, rare languages, or format-specific artifacts (e.g., TIFF compression noise). Option B is wrong because Azure AI Vision OCR extracts raw text without understanding invoice structure; parsing with regular expressions is fragile and cannot reliably handle varied layouts, missing fields, or multilingual content, leading to low accuracy. Option C is wrong because converting all invoices to a single format (e.g., PDF) does not improve extraction accuracy—the underlying content and layout remain the same, and conversion can introduce artifacts (e.g., loss of resolution in TIFF-to-PDF) that degrade OCR quality.

122
Multi-Selecteasy

Which TWO actions are valid ways to authenticate to Azure AI services?

Select 2 answers
A.Use a client certificate.
B.Use an API key.
C.Use Microsoft Entra ID authentication with a service principal.
D.Use a shared access signature (SAS) token.
E.Use a managed identity.
AnswersB, C

API keys are a common authentication method.

Why this answer

Option B is correct because Azure AI services accept API keys as a straightforward authentication method. Each service generates a pair of keys that must be included in the `Ocp-Apim-Subscription-Key` header of HTTP requests. Option C is correct because Microsoft Entra ID (formerly Azure AD) authentication with a service principal is fully supported for Azure AI services, allowing token-based authentication via the `Authorization` header with a bearer token obtained from the Microsoft identity platform.

Exam trap

The trap here is that candidates confuse managed identities as a direct authentication method for Azure AI services, when in fact they are an identity provisioning mechanism that requires an additional token exchange step to authenticate via Entra ID.

123
MCQmedium

You are developing a chatbot using Azure AI Bot Service that uses Azure OpenAI Service for natural language understanding. The chatbot must be deployed in multiple regions for low latency. However, the customer requires that all customer data remain within the European Union. Which architecture should you recommend?

A.Deploy the bot in a single EU region and rely on CDN for static content.
B.Use Azure Front Door to route traffic to a single bot hosted in West Europe.
C.Deploy the bot and all supporting services in multiple EU regions, e.g., West Europe and North Europe, without cross-region data replication.
D.Deploy the bot in multiple global regions and use Cosmos DB with multi-region writes.
AnswerC

Data stays within EU; multiple regions provide low latency.

Why this answer

Option C is correct because deploying the bot and all supporting services in multiple EU regions (e.g., West Europe and North Europe) ensures low latency for users across Europe while keeping all customer data within the European Union. Azure OpenAI Service and Azure AI Bot Service can be deployed regionally without cross-region data replication, satisfying the data residency requirement. This architecture avoids any data leaving EU boundaries while providing geographic redundancy for performance.

Exam trap

The trap here is that candidates often assume multi-region deployment automatically requires cross-region data replication (like Cosmos DB multi-region writes), but the correct approach is to deploy independent regional instances without replicating data across regions to satisfy strict data residency requirements.

How to eliminate wrong answers

Option A is wrong because relying on a CDN for static content does not address the core requirement of low latency for dynamic chatbot interactions, and a single-region deployment still creates a single point of failure for the bot logic and AI processing. Option B is wrong because using Azure Front Door to route traffic to a single bot hosted in West Europe does not provide true multi-region deployment; the bot itself remains in one region, so users far from West Europe will experience higher latency, and data still resides only in that one EU region, failing to optimize latency across multiple EU locations. Option D is wrong because deploying the bot in multiple global regions and using Cosmos DB with multi-region writes would replicate customer data outside the European Union, violating the data residency requirement; additionally, multi-region writes in Cosmos DB replicate data across regions, which is not permitted under the EU-only constraint.

124
MCQeasy

You are planning a solution that uses Azure AI Language to analyze customer feedback from social media posts. The solution must: - Detect sentiment (positive, negative, neutral) for each post. - Extract key phrases. - Support English and Spanish languages. - Run asynchronously for a batch of 10,000 posts. - Use the least expensive option that meets requirements. What should you do?

A.Use the Azure AI Language service with the built-in sentiment analysis and key phrase extraction capabilities. Process posts in batches using the async API.
B.Build a custom text classification model in Azure AI Language to detect sentiment and extract key phrases.
C.Use the Azure AI Language service with the single-document API for each post.
D.Use Azure AI Translator to translate all posts to English, then use Azure AI Language for analysis.
AnswerA

Built-in features meet requirements at lowest cost; async API handles volume.

Why this answer

Option A is correct because Azure AI Language's built-in sentiment analysis and key phrase extraction natively support both English and Spanish, and the async batch API is designed for high-volume processing (e.g., 10,000 posts) at a lower cost than per-document calls. This approach meets all requirements without custom models or translation overhead.

Exam trap

The trap here is that candidates often assume custom models are required for multilingual support or that translation is necessary, when in fact Azure AI Language's built-in capabilities already cover English and Spanish natively.

How to eliminate wrong answers

Option B is wrong because building a custom text classification model is unnecessary and more expensive; the built-in capabilities already handle sentiment and key phrase extraction for the required languages. Option C is wrong because using the single-document API for each of 10,000 posts would incur higher costs and slower performance compared to the async batch API, which is designed for bulk processing. Option D is wrong because translating all posts to English adds unnecessary cost and latency, and Azure AI Language already supports Spanish natively for both sentiment analysis and key phrase extraction.

125
MCQmedium

You are designing a document processing pipeline using Azure AI Document Intelligence. The pipeline must extract data from both structured forms and unstructured invoices. The solution should support custom models with minimal manual labeling. Which approach should you use?

A.Use prebuilt invoice models for all documents
B.Use Azure AI Language to analyze text
C.Train a custom neural model with a few labeled samples
D.Use OCR and custom regex patterns
AnswerC

Neural models require minimal labeling and handle both structured and unstructured documents.

Why this answer

Option C is correct because Azure AI Document Intelligence's custom neural models can be trained with as few as five labeled samples, leveraging transfer learning to achieve high accuracy on both structured forms and unstructured invoices. This approach minimizes manual labeling effort while supporting the diverse document types in the pipeline, unlike prebuilt models that are limited to specific layouts or rule-based methods that require extensive manual configuration.

Exam trap

The trap here is that candidates assume prebuilt models (Option A) are sufficient for all document types, overlooking the requirement for custom structured forms, or they overestimate the effectiveness of OCR and regex (Option D) without recognizing the need for AI-based layout understanding.

How to eliminate wrong answers

Option A is wrong because prebuilt invoice models are designed for standard invoice layouts and cannot handle custom structured forms or unstructured documents with varying formats, leading to poor extraction accuracy. Option B is wrong because Azure AI Language is a text analytics service for sentiment, key phrases, and entity recognition, not a document extraction service capable of processing structured forms or invoices with field-level extraction. Option D is wrong because OCR with custom regex patterns requires manual definition of patterns for each field, is brittle to layout variations, and does not leverage AI to learn from examples, resulting in high maintenance and poor generalization.

126
MCQhard

You are the AI architect for a global e-commerce company. The company uses Azure AI services to power its product recommendation engine. The current solution uses Azure AI Language to extract product attributes from descriptions and Azure AI Search to index and retrieve products. The company is expanding to new markets and must comply with data residency regulations in the European Union and Asia. Additionally, the solution must handle a 10x increase in traffic during holiday sales without downtime. You need to design a solution that meets these requirements. The solution must use Azure AI Language and Azure AI Search. You have the following options: A) Deploy separate Azure AI Language and Azure AI Search resources in each region (EU and Asia) and use Azure Traffic Manager to route users to the nearest region. Use geo-replication for Azure AI Search. B) Deploy a single Azure AI Language resource in the US and use Azure AI Search with geo-replication to handle traffic. Use Azure Front Door for global routing. C) Deploy Azure AI Language resources in each region and use a global Azure AI Search resource with replication. Use Azure Load Balancer to distribute traffic. D) Deploy Azure AI Language and Azure AI Search resources in the US only, and use Azure CDN to cache responses globally. Which option should you choose?

A.Deploy a single US resource with geo-replication and Front Door.
B.Deploy separate resources in each region with Traffic Manager and geo-replication.
C.Deploy US-only resources with CDN caching.
D.Deploy Language in each region with a global Search resource.
AnswerB

Complies with data residency and handles traffic.

Why this answer

Option B is correct because deploying separate Azure AI Language and Azure AI Search resources in each region (EU and Asia) ensures compliance with data residency regulations by keeping data within regional boundaries. Azure Traffic Manager routes users to the nearest region for low latency, and geo-replication for Azure AI Search provides high availability and disaster recovery, handling the 10x traffic increase during holiday sales without downtime.

Exam trap

The trap here is that candidates may assume a single global resource with geo-replication or caching (Options A, C, D) can satisfy data residency, but they overlook that data processing and storage must both occur within the specific region to comply with regulations, not just be replicated or cached elsewhere.

How to eliminate wrong answers

Option A is wrong because deploying a single Azure AI Language resource in the US violates data residency regulations for EU and Asia, as data would be processed and stored outside those regions. Option C is wrong because using a global Azure AI Search resource with replication still stores data in a single region, failing data residency compliance; Azure Load Balancer does not provide geo-routing or regional isolation. Option D is wrong because deploying Azure AI Language resources in each region but using a global Azure AI Search resource in the US means search data is stored in the US, violating EU and Asia data residency requirements.

127
Multi-Selecthard

Which TWO actions should you take to ensure high availability for an Azure AI service deployed in a single region?

Select 2 answers
A.Configure autoscaling for the AI service.
B.Use a read-only replica of the AI service.
C.Deploy the AI service in a second Azure region.
D.Enable Azure DDoS Protection.
E.Enable Azure Backup for the AI resource.
AnswersA, C

Autoscaling adjusts capacity to maintain performance under load.

Why this answer

Option A is correct because autoscaling allows the Azure AI service to dynamically adjust the number of instances based on demand, ensuring that the service can handle traffic spikes without downtime. This is a key high-availability feature within a single region, as it prevents resource exhaustion and maintains responsiveness. Option C is correct because deploying the AI service in a second Azure region provides geographic redundancy, enabling failover if the primary region experiences an outage, which is a fundamental high-availability strategy.

Exam trap

The trap here is that candidates often confuse high-availability features like autoscaling and multi-region deployment with unrelated services like backup or DDoS protection, or incorrectly assume that read-only replicas apply to AI services as they do to databases.

128
MCQmedium

You are deploying an Azure AI Language service custom text classification model. You need to ensure that the training data is balanced and representative. What should you do?

A.Use only the most frequent labels to train the model.
B.Oversample the minority classes to match the majority class size.
C.Split the labeled data into training and test sets, ensuring each class has similar proportions.
D.Use all labeled data for training and rely on cross-validation.
AnswerC

A ensures balanced representation and proper evaluation.

Why this answer

Option C is correct because splitting labeled data into training and test sets while ensuring each class has similar proportions (stratified split) is a standard practice for balanced and representative training data. This approach prevents class imbalance from skewing model evaluation metrics and ensures the model generalizes well to unseen data. In Azure AI Language custom text classification, this is critical for achieving reliable performance across all classes.

Exam trap

The trap here is that candidates often confuse data balancing techniques (like oversampling) with the fundamental requirement of a representative train-test split, leading them to choose Option B or D instead of recognizing that stratified splitting is the direct and correct method for ensuring balanced and representative data in Azure AI Language custom text classification.

How to eliminate wrong answers

Option A is wrong because using only the most frequent labels discards minority class data entirely, leading to a model that cannot classify underrepresented categories and suffers from severe class imbalance. Option B is wrong because oversampling minority classes to match the majority class size can introduce synthetic duplicates or bias, potentially causing overfitting and not addressing the root need for a representative split; Azure AI Language does not natively support oversampling as a preprocessing step for custom text classification. Option D is wrong because using all labeled data for training without a separate test set prevents proper evaluation of model generalization; cross-validation alone does not guarantee balanced class representation across folds unless explicitly stratified, and Azure AI Language custom training requires a dedicated test set for validation.

129
MCQeasy

You are planning to use Azure AI Vision to analyze images for a retail inventory management application. The solution must detect products on shelves and read expiration dates. Which two Azure AI Vision capabilities should you use?

A.Image Captioning
B.Object Detection
C.Face Detection
D.Optical Character Recognition (OCR)
AnswerB, D

Detects and locates products.

Why this answer

Object Detection (B) is correct because it identifies and locates products on shelves by drawing bounding boxes around each detected item, which is essential for inventory tracking. Optical Character Recognition (OCR) (D) is correct because it extracts text from images, enabling the reading of expiration dates printed on product labels or packaging.

Exam trap

The trap here is that candidates may confuse Image Captioning with Object Detection, assuming a descriptive caption could identify products, or overlook OCR because they think expiration dates are purely numeric and can be handled by simpler methods, but Azure AI Vision's OCR is specifically designed for text extraction from images.

How to eliminate wrong answers

Option A is wrong because Image Captioning generates a natural language description of the entire image scene, not specific object locations or text extraction, so it cannot detect products on shelves or read expiration dates. Option C is wrong because Face Detection is designed to locate human faces in images, not products or text, and has no relevance to retail inventory management tasks.

130
MCQhard

Your Azure AI Search solution uses a custom skill to call an external API. The skill runs locally but fails when deployed to the search service. What is the most likely cause?

A.The skill's output field mappings are missing.
B.The skill's input field mappings are incorrect.
C.The indexer name is misspelled in the skillset.
D.The skill endpoint is not publicly accessible via HTTPS.
AnswerD

The search service cannot reach a local or non-HTTPS endpoint.

Why this answer

When a custom skill runs locally but fails after deployment to Azure AI Search, the most common cause is that the skill's endpoint is not publicly accessible via HTTPS. Azure AI Search indexers execute skills in the cloud and must be able to reach the external API over the internet using a secure HTTPS connection; localhost or HTTP endpoints will fail.

Exam trap

The trap here is that candidates assume the skill logic is faulty (input/output mappings) rather than recognizing that the network connectivity and HTTPS requirement is the fundamental difference between local testing and cloud execution.

How to eliminate wrong answers

Option A is wrong because missing output field mappings would cause the skill to execute successfully but fail to write results to the index, not prevent the skill from running. Option B is wrong because incorrect input field mappings would cause the skill to receive wrong or missing data but would not prevent the skill from being invoked or the endpoint from being called. Option C is wrong because a misspelled indexer name would cause the indexer to fail to run, but the skillset itself would still be valid and the custom skill endpoint would be reachable; the error would occur at the indexer level, not the skill execution.

131
Multi-Selecteasy

Which TWO of the following are best practices for securing Azure AI services?

Select 2 answers
A.Expose endpoints publicly to simplify client access.
B.Disable diagnostic logging to reduce data exposure.
C.Enable diagnostic settings to audit usage and detect anomalies.
D.Share API keys among multiple applications for simplicity.
E.Use managed identities to authenticate to Azure AI services.
AnswersC, E

Provides visibility into usage patterns.

Why this answer

Option C is correct because enabling diagnostic settings for Azure AI services allows you to collect and analyze logs and metrics, which is essential for auditing usage, detecting anomalies, and monitoring security-related events. This aligns with the security best practice of maintaining visibility into service activity to identify potential threats or misconfigurations.

Exam trap

The trap here is that candidates may think exposing endpoints publicly is acceptable for simplicity (Option A) or that sharing API keys is harmless (Option D), but Azure's security model emphasizes least privilege and credential isolation.

132
Matchingmedium

Match each Azure AI service to its primary function.

Drag a concept onto its matching description — or click a concept then click the description.

Concepts
Matches

Build conversational AI bots

AI-powered cloud search

Extract information from documents

Analyze video and audio content

Monitor metrics and detect anomalies

Why these pairings

These are core Azure AI services and their primary uses.

133
MCQmedium

You are an Azure AI engineer at Fabrikam Inc. The company has developed a custom vision model using Azure Custom Vision to detect defects on a manufacturing assembly line. The model is deployed as a Docker container to an on-premises edge device using Azure IoT Edge. Recently, the model's inference accuracy has decreased. The operations team reports that the edge device is running low on memory and CPU. The model was trained with images from a specific camera angle, but the camera angle has been changed slightly due to maintenance. You need to improve the model's accuracy. What should you do?

A.Upgrade the edge device to have more memory and CPU.
B.Reduce the image resolution to lower memory usage.
C.Retrain the model with new images captured from the current camera angle.
D.Convert the model to use grayscale images.
AnswerC

The model needs to learn the new perspective.

Why this answer

The decrease in accuracy is most likely due to the change in camera angle, which introduces a domain shift between the training images and the new inference images. Retraining the model with images captured from the current camera angle will realign the training data distribution with the production environment, directly addressing the root cause of the accuracy drop. This is a standard practice in Custom Vision when deployment conditions change.

Exam trap

The trap here is that candidates focus on the resource constraints (low memory/CPU) as the primary cause of accuracy loss, but the question explicitly states the camera angle changed, making retraining the only option that addresses the domain shift.

How to eliminate wrong answers

Option A is wrong because upgrading hardware (more memory/CPU) addresses resource constraints but does not fix the accuracy degradation caused by the camera angle change; the model's inference logic remains unchanged. Option B is wrong because reducing image resolution may lower memory usage but will likely further degrade accuracy by removing fine-grained defect details, and it does not correct the domain shift from the new camera angle. Option D is wrong because converting to grayscale discards color information that may be critical for defect detection (e.g., color-based anomalies), and it does not address the camera angle change.

134
MCQhard

A company is deploying a custom vision model using Azure Custom Vision. The training data contains images with varying resolutions. The model must achieve high accuracy. Which pre-processing step should be applied to the images before training?

A.Resize all images to the same dimensions (e.g., 224x224).
B.Convert images to grayscale.
C.Normalize pixel values to a range of 0-1.
D.Apply data augmentation techniques like random cropping.
AnswerA

Custom Vision expects consistent image sizes for optimal performance.

Why this answer

Custom Vision models use a fixed input size (e.g., 224x224 for ResNet-based architectures). Images with varying resolutions must be resized to the same dimensions before training to ensure consistent tensor shapes for the neural network. Without this step, the model cannot process the data correctly, leading to training failures or degraded accuracy.

Exam trap

Microsoft often tests the misconception that normalization or augmentation alone can compensate for varying image sizes, but the core requirement is that all images must be resized to the same dimensions to satisfy the fixed input layer of the neural network.

How to eliminate wrong answers

Option B is wrong because converting to grayscale removes color information, which is often critical for object recognition tasks (e.g., distinguishing objects by color); Custom Vision models expect 3-channel RGB input by default. Option C is wrong because pixel normalization (0-1) is typically applied internally by the Custom Vision service or as a separate step, but it does not address the fundamental requirement of uniform input dimensions. Option D is wrong because data augmentation (e.g., random cropping) is a technique to improve generalization, not a mandatory pre-processing step to handle varying resolutions; the model still requires all images to be resized to the same dimensions before augmentation.

135
Multi-Selecthard

Which THREE factors should you consider when selecting the pricing tier for an Azure AI Language resource to handle a high-volume production workload?

Select 3 answers
A.Transactions per second (TPS) limits
B.Maximum document size
C.Language support
D.SLA percentage
E.Latency guarantees
AnswersA, B, E

Higher tiers have higher TPS limits.

Why this answer

Option A is correct because the pricing tier for Azure AI Language directly determines the Transactions Per Second (TPS) limit, which is critical for high-volume production workloads. For example, the Free tier (F0) allows only 20 TPS, while Standard (S) tiers can scale to thousands of TPS depending on the selected SKU. Exceeding the TPS limit results in throttling (HTTP 429 errors), so selecting a tier with sufficient TPS capacity is essential to maintain throughput under load.

Exam trap

The trap here is that candidates often confuse 'features available' (like language support or SLA) with 'performance characteristics' (like TPS, document size, and latency), which are the actual tier-dependent factors that impact production workload handling.

136
MCQmedium

Refer to the exhibit. You are creating a Custom Vision project using the Azure AI Custom Vision API. The training data is stored in Azure Blob Storage with a SAS URI. The project creation fails with an authorization error. What is the most likely reason?

A.The domain 'general' is invalid
B.The exportModelContainerUri is missing
C.The SAS token is expired or has insufficient permissions
D.The project type 'Classification' is not supported
AnswerC

The SAS token expiry may be past or missing read permission.

Why this answer

The Custom Vision project creation fails because the SAS URI used to access training data in Azure Blob Storage has an expired token or lacks sufficient permissions (e.g., read/list). Custom Vision requires a valid SAS token with at least read and list permissions to import images from the container. An expired or under-permissioned SAS token results in an authorization error when the service attempts to access the blob storage.

Exam trap

The trap here is that candidates may confuse a SAS authorization error with a missing container URI or an invalid domain, when in fact the SAS token's expiry or insufficient permissions is the direct cause of the 403 error during blob access.

How to eliminate wrong answers

Option A is wrong because 'general' is a valid and commonly used domain for Custom Vision projects; it is not invalid. Option B is wrong because exportModelContainerUri is only required when exporting a trained model to a container, not for project creation or importing training data. Option D is wrong because 'Classification' is a fully supported project type in Custom Vision; the error is authorization-related, not about unsupported project types.

137
MCQmedium

You are building a custom copilot using Microsoft Foundry. The copilot must answer questions based on internal documents stored in SharePoint. Which two components are essential for this solution?

A.Azure AI Search with a SharePoint indexer
B.Azure AI Language conversational language understanding (CLU)
C.Azure AI Document Intelligence (Form Recognizer)
D.Azure OpenAI Service with a GPT model
AnswerA, D

Enables retrieval of relevant documents from SharePoint.

Why this answer

Azure AI Search with a SharePoint indexer is essential because it ingests and indexes the internal documents from SharePoint, enabling full-text and vector search capabilities that the copilot uses to retrieve relevant content. This indexer automates the crawling of SharePoint sites and keeps the search index synchronized with document changes, which is critical for answering questions based on up-to-date internal data.

Exam trap

The trap here is that candidates often confuse Azure AI Language CLU or Document Intelligence as necessary for understanding or processing documents, when in fact the core requirement is a search indexer to make SharePoint content queryable, and a generative model to produce answers from that content.

How to eliminate wrong answers

Option B is wrong because Azure AI Language conversational language understanding (CLU) is designed for intent classification and entity extraction in conversational flows, not for indexing or retrieving content from SharePoint documents. Option C is wrong because Azure AI Document Intelligence (Form Recognizer) is used for extracting structured data from scanned forms and documents, not for building a searchable index or powering a Q&A copilot over SharePoint content.

138
MCQmedium

Your organization is deploying an Azure AI service for document translation. The solution must support custom glossaries and real-time translation. Cost optimization is a key requirement. Which pricing tier should you choose?

A.Standard S1
B.Free F0
C.Basic S0
D.Premium S2
AnswerA

Standard tier supports custom glossaries and real-time translation at a cost-effective price.

Why this answer

The Standard S1 tier is the correct choice because it supports custom glossaries and real-time translation, which are required for the document translation solution. Additionally, S1 offers a balance of features and cost, making it optimal for production workloads where cost optimization is a key requirement, unlike the Free F0 tier which has limited throughput and no SLA, or the Premium S2 tier which is designed for high-volume scenarios at a higher cost.

Exam trap

The trap here is that candidates may confuse the pricing tiers of different Azure AI services (e.g., assuming Translator has a Basic S0 or Premium S2 tier like other services such as Language or Computer Vision) or incorrectly think the Free F0 tier can support custom glossaries and real-time translation at scale, when in fact it lacks those capabilities and has strict usage limits.

How to eliminate wrong answers

Option B (Free F0) is wrong because it does not support custom glossaries and has a capped monthly limit (e.g., 2 million characters), making it unsuitable for production use with real-time translation and glossary requirements. Option C (Basic S0) is wrong because the Basic tier is not available for the Translator service; the Translator service only offers Free F0 and Standard S1 tiers (S0 is a legacy tier for other Azure AI services like Text Analytics, not Translator). Option D (Premium S2) is wrong because it is not a valid tier for the Translator service; the Translator service does not have a Premium S2 tier, and even if it did, it would be more expensive than necessary for a solution that only needs custom glossaries and real-time translation.

139
MCQhard

You are an AI engineer at a healthcare company. The company uses Azure Cognitive Services to process medical records. They have a Computer Vision resource deployed in the East US region. Recently, they implemented a custom vision model for detecting specific anomalies in X-ray images. The model was trained using the Custom Vision portal and exported as a TensorFlow model. They deployed the model to an Azure Kubernetes Service (AKS) cluster using a Docker container. The container runs the model and exposes a REST API endpoint for inference. The endpoint is used by a web application that is also hosted in the same AKS cluster. The web application is experiencing high latency when making inference requests. The latency spikes up to 10 seconds during peak hours. The AKS cluster has autoscaling enabled based on CPU metrics. The container's resource limits are set to 1 CPU core and 2 GB memory. The model's inference time on a single image is approximately 500 ms on the development machine. The team has not changed the model or the application code recently. The number of concurrent users has increased by 50% in the last month. What should you do to reduce inference latency?

A.Increase the memory limit for the container to 8 GB.
B.Deploy additional replicas of the container and use a load balancer.
C.Optimize the model by quantizing it to reduce inference time.
D.Increase the CPU limit for the container to 4 cores.
AnswerD

More CPU allows handling more concurrent requests, reducing latency.

Why this answer

Option D is correct because the inference latency is caused by CPU saturation during peak hours. The container is limited to 1 CPU core, and with a 50% increase in concurrent users, the single core becomes a bottleneck, causing inference times to spike. Increasing the CPU limit to 4 cores allows the model to process multiple requests in parallel, reducing queue wait times and overall latency.

Exam trap

The trap here is that candidates often confuse horizontal scaling (adding replicas) with vertical scaling (increasing CPU cores), but in this scenario, the bottleneck is per-request CPU throughput, not request volume, so vertical scaling is the correct fix.

How to eliminate wrong answers

Option A is wrong because increasing memory to 8 GB does not address the CPU-bound nature of inference; the model's inference time is 500 ms on a development machine, indicating CPU is the bottleneck, not memory. Option B is wrong because deploying additional replicas with a load balancer would help with horizontal scaling but does not fix the per-request CPU starvation; each replica still has only 1 CPU core, so each request still faces the same single-core bottleneck. Option C is wrong because the model was exported as a TensorFlow model and the team has not changed the model or code recently; quantizing would require retraining or conversion, and the question states the model is already deployed and working, so this is a significant change that is not necessary when the root cause is resource limits.

140
MCQeasy

You are planning to use Azure AI Document Intelligence to process a large volume of mixed document types (invoices, receipts, and purchase orders). The solution must automatically classify each document type and extract relevant fields. What should you configure?

A.Use the Form Recognizer service with neural models
B.Create a custom classification model to identify document types, then use extraction models
C.Use prebuilt models for each document type and route based on filename
D.Use the Read model to extract all text and then use regular expressions to classify
AnswerB

Custom classification model handles mixed types accurately.

Why this answer

Option B is correct because Azure AI Document Intelligence (formerly Form Recognizer) requires a two-step process for mixed document types: first, a custom classification model identifies each document type (invoice, receipt, purchase order), then separate extraction models (custom or prebuilt) extract the relevant fields from each classified type. This approach ensures accurate routing and field extraction without relying on filenames or brittle regex patterns.

Exam trap

The trap here is that candidates assume a single model (like neural or prebuilt) can both classify and extract, but Azure AI Document Intelligence requires a separate classification step before extraction for mixed document types.

How to eliminate wrong answers

Option A is wrong because neural models are a type of extraction model (for improved accuracy on complex documents) but do not provide document-type classification; they cannot automatically distinguish between invoices, receipts, and purchase orders without a separate classifier. Option C is wrong because routing based on filename is unreliable and not a supported feature of Document Intelligence; filenames can be inconsistent or missing, and the service requires explicit classification logic. Option D is wrong because the Read model only extracts raw text and layout, not structured fields, and using regular expressions to classify document types is error-prone and not scalable for mixed document types with varying formats.

141
Multi-Selecthard

You are designing a solution that uses Azure AI Document Intelligence to extract data from invoices. The solution must handle high throughput and process documents in batch. Which TWO configuration options should you use?

Select 2 answers
A.Use the synchronous API for each invoice
B.Train a custom model for invoice extraction
C.Provision a standard (S0) tier Document Intelligence resource
D.Implement batch processing using the async document analysis API
E.Store output directly in Azure Blob Storage without API calls
AnswersC, D

S0 tier supports higher throughput and batch processing.

Why this answer

The standard (S0) tier is required for production-grade throughput because it offers higher transactions per second (TPS) and better scalability compared to the free (F0) tier. For batch processing of invoices, the async document analysis API is the correct choice because it supports submitting multiple documents in a single call and returns results via a polling mechanism, which is designed for high-volume scenarios.

Exam trap

The trap here is that candidates often confuse the synchronous API (which is simpler but not scalable) with the async API (which is designed for batch and high throughput), and they may also overlook that the free tier (F0) cannot handle production-level batch loads.

142
Multi-Selecthard

Which THREE components are part of the Azure AI Foundry SDK for building multi-agent solutions?

Select 3 answers
A.AIAgentClient
B.AIProjectClient
C.InferenceClient
D.Azure AI Search client
E.Azure OpenAI client
AnswersA, B, C

AIAgentClient is used to create and manage agents.

Why this answer

A is correct because AIAgentClient is a core component of the Azure AI Foundry SDK specifically designed for building and managing multi-agent solutions. It provides the necessary abstractions to create, orchestrate, and communicate with multiple AI agents within a single project, enabling complex workflows and agent collaboration.

Exam trap

The trap here is that candidates often confuse general-purpose clients like Azure OpenAI client or Azure AI Search client with the specialized agent orchestration client, assuming any 'AI' client can build multi-agent solutions, but only AIAgentClient provides the necessary agent lifecycle and communication primitives.

143
MCQhard

You are an AI engineer at Contoso. Contoso has a Microsoft Copilot for Microsoft 365 deployment. They want to build a custom copilot in Microsoft Copilot Studio that can answer questions about their internal IT support knowledge base stored in a SharePoint Online document library. The knowledge base includes hundreds of PDF and Word documents. Requirements: - The copilot must only answer from the approved knowledge base documents. - Responses must be grounded in the documents and include citations. - The solution must use generative answers with a prebuilt AI model (no custom model training). - Authentication must be via Microsoft Entra ID with single sign-on (SSO). - The copilot should be published to a Microsoft Teams channel. You need to recommend the minimal configuration steps. What should you do?

A.Create a custom Azure AI Language model using the documents. Then build a bot with Azure Bot Service and connect it to Copilot Studio.
B.Use Power Virtual Agents to create a bot. Add a custom entity to map document content. Use Power Automate to retrieve documents.
C.Use Azure AI Search to index the documents. Create a custom connector in Copilot Studio to query the search index. Configure authentication and publish to Teams.
D.In Copilot Studio, create a new copilot. Add the SharePoint document library as a knowledge source. Configure authentication with Microsoft Entra ID. Enable generative answers. Publish to the Teams channel.
AnswerD

This uses built-in features without custom coding, meeting all requirements.

Why this answer

Option B is correct. Copilot Studio allows connecting to SharePoint Online as a knowledge source for generative answers. Setting up authentication with Microsoft Entra ID provides SSO.

Publishing to Teams is a built-in channel. This meets all requirements without custom development. Option A is wrong because building a custom Azure AI Language model is unnecessary and violates the 'no custom model training' requirement.

Option C is wrong because Azure AI Search requires creating an index and custom skills, which is more complex and not minimal. Option D is wrong because Power Virtual Agents (now part of Copilot Studio) does not natively support generative answers with SharePoint grounding in the same simple way; the recommended approach is Copilot Studio with knowledge sources.

144
MCQeasy

A company needs to implement a chatbot that answers customer queries using a knowledge base. Which Azure AI service should be used to build the knowledge base?

A.Azure AI Language (Question Answering)
B.Azure Bot Service
C.Azure AI Translator
D.Azure AI Speech
AnswerA

Question Answering is specifically for creating knowledge bases.

Why this answer

Azure AI Language's Question Answering feature is specifically designed to create a knowledge base from structured or unstructured content (e.g., FAQs, product manuals, support documents). It uses a custom question-answering model that can be trained and published as a REST API endpoint, which a chatbot can then query to retrieve precise answers. This makes it the correct service for building the knowledge base itself.

Exam trap

The trap here is that candidates often confuse the chatbot orchestration service (Azure Bot Service) with the knowledge base service itself, forgetting that the Bot Service is a host for the bot logic and channel integration, while the knowledge base must be built using a dedicated AI service like Question Answering.

How to eliminate wrong answers

Option B (Azure Bot Service) is wrong because it is a framework for building, deploying, and managing chatbots, not for creating or storing a knowledge base; it would consume a knowledge base built by another service. Option C (Azure AI Translator) is wrong because it provides real-time text translation between languages, not a question-answering knowledge base. Option D (Azure AI Speech) is wrong because it handles speech-to-text and text-to-speech capabilities, not the storage or retrieval of factual answers from a knowledge base.

145
MCQeasy

A team is building a chatbot using Azure Bot Service and Language Understanding (LUIS). The chatbot must handle multiple languages. What should you configure?

A.Configure a single LUIS app with multilingual utterances
B.Use Azure AI Search to index translated content
C.Use Azure Translator to translate utterances before calling LUIS
D.Create separate LUIS applications for each language
AnswerD

Each LUIS app supports one language; multiple apps are needed for multiple languages.

Why this answer

Option D is correct because LUIS does not natively support multilingual models within a single app. Each LUIS application is designed for a single language, so to handle multiple languages, you must create separate LUIS apps—one per language—and route user utterances to the appropriate app based on the detected language. This ensures accurate intent and entity recognition tailored to each language's linguistic patterns.

Exam trap

The trap here is that candidates assume a single LUIS app can handle multiple languages by simply adding multilingual utterances, but LUIS explicitly requires separate apps per language because its models are language-specific and cannot generalize across languages.

How to eliminate wrong answers

Option A is wrong because a single LUIS app cannot be configured with multilingual utterances; LUIS apps are monolingual by design, and mixing languages in one app degrades prediction accuracy. Option B is wrong because Azure AI Search is a cognitive search service for indexing and querying content, not a tool for language detection or intent recognition in a chatbot; it does not replace the need for language-specific LUIS apps. Option C is wrong because while Azure Translator can translate utterances, translating before calling LUIS introduces latency, potential loss of nuance, and is not a recommended pattern—LUIS expects native-language utterances for optimal performance, and translation is better handled at the application layer if needed.

146
MCQhard

Your Azure AI Search indexer is failing to index documents from an Azure Blob Storage container. The error message shows 'AccessDenied'. What is the most likely cause?

A.The blob container name is misspelled in the datasource.
B.The indexer execution interval is set too high.
C.The search service's managed identity lacks 'Storage Blob Data Reader' role.
D.The index schema does not match the blob metadata.
AnswerC

AccessDenied indicates missing permissions to read blobs.

Why this answer

The 'AccessDenied' error indicates that the Azure AI Search service lacks the necessary permissions to read data from the Azure Blob Storage container. The most likely fix is to assign the 'Storage Blob Data Reader' role to the search service's system-assigned managed identity, which grants read access to blob containers and their contents.

Exam trap

Microsoft often tests the distinction between authentication (who you are) and authorization (what you can do), leading candidates to confuse a missing role assignment with a configuration error like a misspelled container name or schema mismatch.

How to eliminate wrong answers

Option A is wrong because a misspelled container name would cause a 'ContainerNotFound' or 'InvalidContainerName' error, not an 'AccessDenied' error. Option B is wrong because the indexer execution interval affects scheduling, not authentication or authorization; a high interval would simply delay indexing, not cause an access denial. Option D is wrong because schema mismatches between the index and blob metadata result in indexing failures with errors like 'FieldNotFound' or 'CannotConvertValue', not 'AccessDenied'.

147
Multi-Selectmedium

Which TWO are valid techniques for reducing latency in an Azure AI solution that processes real-time chat messages?

Select 2 answers
A.Use a larger, more accurate model for better performance.
B.Move the application to a different region to use a different pricing tier.
C.Deploy Azure AI services in the same region as the application.
D.Use batch processing to combine multiple messages into one API call.
E.Increase the client-side timeout to allow for slower responses.
AnswersC, D

Minimizes network round-trip time.

Why this answer

Option C is correct because deploying Azure AI services in the same region as the application minimizes network latency by reducing the physical distance data must travel. This ensures lower round-trip times (RTT) for real-time chat message processing, which is critical for maintaining responsiveness in interactive applications.

Exam trap

The trap here is that candidates often confuse model accuracy with performance, assuming a larger model will be faster, when in reality it increases latency due to higher compute demands, and they may overlook batch processing as a valid latency-reduction technique because they associate it only with throughput, not real-time responsiveness.

148
Multi-Selecteasy

Which TWO Azure services are used together to build a custom question-answering solution?

Select 2 answers
A.Azure AI Language (Custom Question Answering)
B.Azure AI Computer Vision
C.Azure AI Speech
D.Azure AI Search
E.Azure AI Translator
AnswersA, D

Custom Question Answering builds a knowledge base from documents.

Why this answer

Azure AI Language's Custom Question Answering (formerly QnA Maker) provides the core service for building a knowledge base of question-answer pairs and processing user queries. Azure AI Search acts as the underlying search index and retrieval engine, enabling the solution to scale, perform semantic ranking, and return relevant answers from the knowledge base. Together, they form a complete custom Q&A pipeline: Custom Question Answering for authoring and orchestration, and Azure AI Search for indexing and retrieval.

Exam trap

The trap here is that candidates often assume Azure AI Speech or Azure AI Translator are needed for a 'custom' solution, but the core requirement is a searchable knowledge base, which is provided by Azure AI Search, not by speech or translation services.

149
MCQhard

A healthcare organization uses Azure AI Health Insights to analyze patient data. They must ensure that PHI is not logged by the AI services. Which configuration should you apply?

A.Disable all logging for the Azure AI resource
B.Enable diagnostic settings to stream logs to a Log Analytics workspace with a data masking rule
C.Configure the resource to use a system-assigned managed identity
D.Use Azure Policy to restrict logging to metadata only
AnswerB

Data masking rules can redact PHI before logging.

Why this answer

Option B is correct because Azure AI Health Insights processes protected health information (PHI), and enabling diagnostic settings to stream logs to a Log Analytics workspace with a data masking rule allows you to redact sensitive PHI from logs before they are stored. Data masking rules in Log Analytics can be configured to hide patterns like patient IDs or names, ensuring compliance with HIPAA while still retaining operational logs.

Exam trap

The trap here is that candidates confuse disabling logging entirely (Option A) with selectively masking sensitive data, or they mistakenly think managed identities (Option C) or Azure Policy (Option D) can control log content, when in fact only data masking rules within diagnostic settings provide the required PHI redaction at the log ingestion layer.

How to eliminate wrong answers

Option A is wrong because disabling all logging for the Azure AI resource would prevent any monitoring or auditing, which is often required for compliance and operational troubleshooting; it does not selectively protect PHI. Option C is wrong because configuring a system-assigned managed identity controls authentication and access to other Azure resources, not the content of logs or PHI masking. Option D is wrong because Azure Policy can enforce resource configurations but cannot directly restrict the content of logs to metadata only; it lacks the granularity to mask or filter PHI within log entries.

150
MCQeasy

A company wants to use Azure AI services to extract text from scanned PDF documents. Which Azure AI service should they use?

A.Azure AI Language Understanding (LUIS)
B.Azure AI Document Intelligence
C.Azure AI Computer Vision API
D.Azure Cognitive Search
AnswerB

Document Intelligence is optimized for document extraction.

Why this answer

Azure AI Document Intelligence (formerly Form Recognizer) is the correct service because it is specifically designed for extracting text, tables, and key-value pairs from scanned PDFs and images using optical character recognition (OCR) and deep learning models. Unlike general OCR APIs, Document Intelligence can handle complex layouts and preserve document structure, making it ideal for this use case.

Exam trap

The trap here is that candidates often confuse the general-purpose Computer Vision OCR API with the specialized Document Intelligence service, overlooking that Document Intelligence offers superior layout understanding and prebuilt models for document-centric extraction tasks.

How to eliminate wrong answers

Option A is wrong because Azure AI Language Understanding (LUIS) is a conversational language understanding service for intent and entity extraction from natural language utterances, not for extracting text from scanned documents. Option C is wrong because while Azure AI Computer Vision API includes OCR capabilities, it is a general-purpose image analysis service that lacks the specialized layout analysis, table extraction, and form understanding features that Document Intelligence provides for scanned PDFs. Option D is wrong because Azure Cognitive Search is a search indexing and query service that can index extracted text but does not perform the initial extraction from scanned PDFs itself.

← PreviousPage 2 of 3 · 218 questions totalNext →

Ready to test yourself?

Try a timed practice session using only Plan and manage an Azure AI solution questions.