Master Microsoft AI-103: Azure AI Apps Practice Questions

Correct : B

The solution does not meet the goal. Increasing temperature changes the sampling behavior of the generative model, not the completeness-checking logic of the application. Microsoft's Azure OpenAI reference defines temperature as a sampling control where higher values make output more random, while lower values make output more focused and deterministic. Raising the value can increase variation and creativity, but it does not ensure that all required regulatory clauses from the retrieved policy documents are included.

The reported issue is a recall/completeness failure: relevant clauses are already present in retrieved content, but the generated summary omits them. Microsoft Foundry RAG evaluator guidance defines Response Completeness as whether a response covers critical information compared to expected information or ground truth, and distinguishes it from groundedness, which checks that responses do not go beyond grounding context.

A more suitable implementation would add a reflection, verification, or completeness review pass that compares the draft summary against the retrieved clauses and revises the response before returning it. Increasing temperature could make outputs less predictable and may worsen omission risk. Reference topics: model parameters, temperature, RAG response completeness, retrieved context, and model reflection.

Correct : B

The solution does not meet the goal. A completeness evaluation flow is useful for detecting incomplete responses, but detection and blocking do not improve the response itself. Microsoft Foundry RAG evaluators define Response Completeness as a metric that measures whether a response covers all critical information from the expected response or ground truth. It is a system evaluation signal used to assess response quality and produce pass/fail or scored results.

In this scenario, the issue is that the agent omits required regulatory clauses even though the clauses are present in retrieved content. Blocking low-scoring responses would prevent incomplete answers from being returned, but it would not revise the summary, add the missing clauses, or improve the generation process. The appropriate improvement is to add a response-generation control such as a reflection or verification pass that checks the draft summary against the retrieved policy content and regenerates or amends the answer before returning it. Evaluation can support the quality gate, but by itself it is an assessment mechanism, not a completeness-enhancement mechanism. Reference topics: Microsoft Foundry RAG evaluators, response completeness, grounded generation, reflection, and response quality optimization.

Correct : A

The correct answer is A. an Azure Content Understanding in Foundry Tools analyzer. In Azure Content Understanding, an analyzer is the reusable configuration that defines what content type is processed, which elements are extracted, and how the output is structured. Microsoft's analyzer guidance states that analyzers define extraction for text, layout, tables, fields, and output formats such as Markdown and JSON. This makes the analyzer the first required configuration step before downstream reasoning or agent orchestration can use the extracted content.

This matches the requirement because the documents contain scanned text, tables, and multicolumn layouts. Content Understanding document analysis is designed to transform unstructured documents into structured, machine-readable output while preserving document structures and relationships. Its Markdown representation converts unstructured documents into GitHub Flavored Markdown while maintaining content and layout for downstream use.

A generative chat completion request or Azure OpenAI Responses API call could reason over extracted content, but it is not the correct first step for OCR, layout preservation, and Markdown conversion. Azure Language focuses on text analysis after content has already been extracted. Reference topics: Content Understanding analyzers, document extraction, OCR, layout analysis, Markdown output, and downstream reasoning.

Correct : D

The correct answer is D. prompt shields for documents. The OCR text is extracted from uploaded images and appended as additional context, so it is third-party content rather than a direct trusted user instruction. Microsoft Foundry Prompt Shields distinguish between user prompt attacks, which are malicious instructions directly supplied as user prompts, and document attacks, which are hidden or embedded instructions in third-party content such as documents, emails, webpages, or grounded data. Microsoft also notes that Prompt Shields analyze indirect attacks embedded in input documents or images.

This scenario is an indirect prompt injection pattern: an uploaded screenshot may contain text that says to ignore the system prompt or perform unauthorized actions. Because the OCR output is being passed to the multimodal model as contextual content, the appropriate protection is Prompt Shields for documents, which scans externally sourced context for malicious embedded instructions before generation. Protected material text detects known copyrighted text in model outputs, not prompt injection. Image moderation detects harmful visual content categories, not malicious instructions in extracted context. Prompt Shields for user prompts are less precise here because the risk comes from document-like content derived from the uploaded image. Reference topics: Prompt Shields, document attacks, indirect prompt injection, multimodal safety, OCR-derived context, and Foundry guardrails.

Correct : C

The correct configuration is an API key security scheme. For Microsoft Foundry Agent Service OpenAPI tools, the OpenAPI specification must declare authentication through the components.securitySchemes section and use a scheme of type apiKey when the external service expects a key in a header. Microsoft's OpenAPI tool guidance states that API key authentication requires updating the OpenAPI spec security schemes with one scheme of type apiKey, and the tool then uses the associated project connection to supply the key value at runtime. This allows the key stored in Project1's connection to be injected automatically when the tool is invoked.

A header parameter defined separately for each operation is not the correct approach because credentials should not be modeled as ordinary operation parameters. The Foundry guidance explicitly indicates that parameters requiring the API key should be removed from the OpenAPI spec because the API key is stored and passed through a connection. A Bearer token security scheme is used for bearer-token-style authorization, not a generic weather API key passed in a custom HTTP header. Azure Key Vault is a secret store, but the scenario already stores the key in a Foundry project connection. Reference topics: Microsoft Foundry Agent Service, OpenAPI tools, project connections, API key authentication, and OpenAPI security schemes.