Most Recent Microsoft AI-103 Exam Dumps

The correct answer is A. Speech recognition requests will fall back to the most recent base model for the same locale. Microsoft's custom speech model lifecycle guidance states that when a model expires, it is no longer available for transcription. For the custom endpoint route, speech recognition requests fall back to the most recent base model for the same locale. The documentation also warns that recognition results might still be returned, but the transcription may no longer reflect the domain-specific adaptation of the custom model.

This distinguishes real-time custom endpoint behavior from batch transcription behavior. Batch transcription requests that specify an expired model fail with a 4xx error, but that is not the route described in this question. The agent is using a custom endpoint for real-time recognition, so fallback to the latest base model is the expected behavior. The model is not automatically deleted merely because it expires, and it does not continue to use the expired custom model indefinitely. The operational recommendation is to update the endpoint's model before expiration by redeploying the endpoint with a newer custom model. Reference topics: Azure Speech custom speech model lifecycle, custom endpoints, model expiration, real-time speech recognition, and endpoint redeployment.

The correct answer is A. Implement image moderation. Azure AI Content Safety provides image analysis that classifies uploaded images for harmful content, including harm categories such as hate, sexual content, violence, and self-harm. Microsoft's Content Safety overview states that the Analyze Image API scans images for harmful content with multi-severity levels, which directly matches the requirement to automatically classify uploaded photos and block content based on configured severity thresholds.

Prompt Shields are intended to detect prompt injection and jailbreak-style attacks against generative models, not to classify image harm categories. Keyword scanning OCR output would only detect visible text extracted from the image and would miss visual harm in the image itself. Blocklists can help match known words or custom patterns, but they are not a complete image safety classifier and do not provide the built-in severity-based image harm classification required here. Image moderation is therefore the correct control for user-uploaded photos. Reference topics: Azure AI Content Safety, image moderation, harm categories, severity levels, Foundry guardrails, and responsible AI controls.

The solution does not fully meet the goal. Image moderation is appropriate for one part of the risk: blocking unsafe image content before the image is processed. Azure AI Content Safety provides image APIs that detect harmful content, and its harm categories and severity levels can be used to classify and block objectionable image content. This addresses unsafe photos, but it does not address hidden instructions embedded in images.

The second risk is prompt manipulation through extracted image text. After OCR extracts text from the uploaded image, that text becomes untrusted third-party content supplied to a generative model. Microsoft defines document attacks as malicious instructions embedded in third-party content, where the objective is to cause the model to execute unintended commands or alter intended behavior. Prompt Shields are the control designed to detect user prompt attacks and document attacks, including indirect attacks that come from uploaded or referenced content.

Therefore, image moderation alone is incomplete. A complete mitigation would combine image moderation for harmful visual content with Prompt Shields for document attacks, and optionally Spotlighting, so extracted or embedded text is treated as lower trust. Reference topics: Azure AI Content Safety, image moderation, Prompt Shields, document attacks, indirect prompt injection, and multimodal safety.

The correct selection is D. In Microsoft Foundry Agent Service, tool_choice is the runtime control used to influence whether the model may answer directly or must invoke a tool. Microsoft's tool best-practice guidance states that auto lets the model decide whether to call tools, none prevents tool calls, and required means the model must call one or more tools. This directly addresses the issue where some runs answer from the base model and skip the knowledge base.

For an agentic retrieval solution backed by Azure AI Search through an MCP tool, Microsoft's tutorial states that setting tool_choice='required' ensures the agent always uses the knowledge base tool when processing queries. This produces grounded answers because the run is forced into tool invocation before responding. auto is incorrect because it preserves the nondeterministic behavior already causing missing citations. {'type':'knowledge_base'} is not a valid Foundry tool-choice type. {'type':'mcp'} describes an MCP tool type in some Responses API schemas, but the deterministic guarantee for this agent run scenario is the required tool-call mode. Reference topics: Microsoft Foundry Agent Service, MCP tools, Azure AI Search agentic retrieval, tool_choice, and grounded citations.

The solution does not meet the goal. Increasing max_tokens only raises the maximum number of tokens the model is allowed to generate. Microsoft's Azure OpenAI reference defines max_tokens as the maximum number of tokens allowed for the generated answer, and the quota guidance notes that increasing it can help when responses are being truncated.

In this scenario, the problem is not described as output truncation. The required regulatory clauses are already present in the retrieved policy documents, but the agent omits them during summarization. That is a response completeness issue: Microsoft Foundry RAG evaluator guidance defines response completeness as the recall aspect of the response, meaning the response should not miss critical information compared with expected content or ground truth.

A larger token budget might permit a longer answer, but it does not force the model to identify, verify, or include each mandatory clause. It can also increase cost and latency. The appropriate control is a reflection or completeness verification pass that checks the draft against the retrieved policy clauses and regenerates or revises the response when required content is missing. Reference topics: RAG response completeness, model output limits, max_tokens, reflection, and response validation.