Microsoft Study Guide

AI-102: Azure AI Engineer Associate Study Guide

AI-102: Azure AI Engineer Associate validates your ability to build, manage, deploy, and secure AI solutions on Azure using services for natural language processing, computer vision, document intelligence, knowledge mining, and generative AI. It targets software developers and AI engineers who integrate Azure AI services into applications and is a 120-minute exam with a passing score of 700 (scaled 1-1000). Expect scenario-based questions covering provisioning, security, monitoring, responsible AI, and the correct service selection for a given business need.

Domain 1 Domain 2 Domain 3 Domain 4 Domain 5 Domain 6 Domain 7

Practice AI-102 questions free Create free account

Domain 1: Plan and Manage an Azure AI Solution

Key concepts you must know · 149 practice questions

An Azure AI Services multi-service resource exposes one endpoint and one key (one pair) for many services (Vision, Language, Speech, etc.), simplifying management and consolidating billing versus separate single-service resources.
Microsoft Entra ID (formerly Azure AD) token authentication is the recommended secure method over subscription keys; it supports RBAC, centralized identity, and audit trails. The Cognitive Services User role grants data-plane access.
To lock down network access, configure a private endpoint (a NIC inside your VNet) for the Azure AI Services resource and disable public network access so traffic never traverses the public internet.
Store subscription keys in Azure Key Vault and reference them at runtime; regenerate keys periodically (each resource has two keys so you can rotate one while the other stays active).
Customer-managed keys (CMK) for encryption at rest are configured using keys stored in Azure Key Vault, giving you control over the encryption key lifecycle (Microsoft-managed keys are the default).
Azure AI containers (for disconnected/on-premises use) require the ApiKey and Billing (endpoint URI) parameters plus EULA acceptance; they periodically send metering/usage data to Azure for billing and stop functioning after a billing grace period if connectivity is lost.
Monitor service health with Azure Monitor: enable metrics (total calls, errors, latency) and configure diagnostic settings to send logs to a Log Analytics workspace for KQL querying, alerting, and long-term retention.
Configure metric alerts in Azure Monitor on the Azure AI Services resource to be notified of throttling, errors, or latency spikes.
Microsoft's Responsible AI principles are Fairness, Reliability and Safety, Privacy and Security, Inclusiveness, Transparency, and Accountability.
Enforce data residency and compliance with Azure Policy (e.g., a policy that restricts allowed resource locations) and deploy to in-region datacenters such as West Europe or North Europe for EU data residency.
For high availability, implement retry logic with exponential backoff in client apps and deploy to paired Azure regions with Azure Traffic Manager (or Front Door) for failover.
Throttling (HTTP 429 Too Many Requests) is enforced per the resource's pricing tier rate limits; handle it with retry-after backoff rather than tight retry loops.
Azure Kubernetes Service (AKS) is the recommended platform for hosting Azure AI containers at scale in production with orchestration and autoscaling.
Cost management for AI workloads relies on choosing the correct pricing tier (free F0 vs. standard S0), monitoring usage metrics, and consolidating into a multi-service resource where appropriate.

Domain 2: Implement Content Moderation Solutions

Key concepts you must know · 125 practice questions

Azure AI Content Safety returns discrete severity scores of 0 (Safe), 2 (Low), 4 (Medium), and 6 (High) on a 0-6 even-number scale for each harm category.
The four harm categories analyzed by Content Safety are Hate (and fairness), Sexual, Violence, and Self-Harm; each is scored independently.
Setting a filter threshold to 0 blocks content flagged at any severity (strictest); higher thresholds allow lower-severity content through.
Prompt Shields detect and mitigate prompt-injection and jailbreak attacks, including attempts to override system instructions (direct attacks) and indirect attacks embedded in documents.
Groundedness detection checks whether a model's response is factually grounded in the provided source documents, helping catch hallucinations in RAG scenarios.
Protected material detection identifies known copyrighted text (and code) in model output to reduce IP risk.
Custom categories let you define organization-specific content policies using example-based (few-shot) definitions beyond the built-in harm categories.
Custom blocklists flag or block specific terms and phrases that built-in categories may not cover, enforcing organization-specific values.
The Image Analysis API in Content Safety moderates images for the same four harm categories and returns severity scores per category.
To moderate video, extract individual frames and analyze them with the image moderation API, and extract the audio transcript to analyze with text moderation.
Azure AI Studio / Azure OpenAI content filtering applies to both input prompts and model completions (outputs), with configurable thresholds per category.
For detecting and redacting personal data (SSNs, credit card numbers, passport numbers, emails, phone numbers), use Azure AI Language PII detection and redaction rather than Content Safety.
Content Safety can be deployed as a container for on-premises or low-latency moderation needs.
Annotated examples (text or image) train custom categories; built-in categories require no training and are available immediately.

Domain 3: Implement Computer Vision Solutions

Key concepts you must know · 128 practice questions

Azure AI Vision Image Analysis 4.0 provides built-in visual features: Caption, Dense Captions, Tags, Objects (with bounding boxes), People (with bounding boxes), Smart Crops, and Read (OCR) in a single API.
The Read API (OCR) extracts both printed and handwritten text from images and documents and returns text with location coordinates.
Dense captions generate natural-language descriptions for multiple regions of an image (vs. a single caption for the whole image).
Smart cropping with aspect-ratio support generates thumbnails focused on the most relevant region of an image.
Multimodal embeddings (vectorize image / vectorize text) let you perform image similarity and image-to-text search by comparing vectors in the same embedding space.
An object's bounding box is the rectangular region, expressed in pixels, that encloses a detected object within the image.
Custom Vision supports two project types: Image Classification (assign tags/categories to whole images) and Object Detection (locate objects with bounding boxes); after tagging images you must start a training iteration to produce a model.
Custom Vision domains include General, General (compact, exportable to edge/containers), Food, Landmarks, Retail, and a compact domain is required to export the model.
Use Image Analysis 4.0 with a custom model (or Custom Vision) when you need to recognize organization-specific products not covered by the prebuilt general model.
The Azure AI Face service provides face detection and Verify (one-to-one comparison) for identity verification, plus Identify (one-to-many) and Find Similar; facial recognition features are gated behind Limited Access approval.
Azure AI Vision Spatial Analysis (which detected, counted, and tracked people in real-time camera feeds via an edge container) was retired on 30 March 2025; for current people-counting, occupancy, and video-insight scenarios Microsoft now directs you to Azure AI Video Indexer or Azure AI Content Understanding.
Azure AI Video Indexer extracts insights such as transcript with timestamps, visual labels/objects in frames, faces, OCR, and topics to make video archives searchable.
Background removal and the Segment API in Image Analysis 4.0 were retired on 31 March 2025 and now return errors; for foreground/background separation Microsoft points to the open-source Florence-2 segmentation model or a third-party tool.
Choose Custom Vision for a small number of custom classes/objects with limited training data; choose Image Analysis 4.0 with a custom model for higher-accuracy few-shot custom recognition on the newer Florence foundation model.

Domain 4: Implement NLP Solutions

Key concepts you must know · 145 practice questions

Conversational Language Understanding (CLU) is the modern Azure AI Language feature for building language models that recognize user intents and extract entities from utterances; both intents and entities are required components.
An Orchestration workflow project in CLU routes an incoming utterance to the right downstream project: a CLU app, a custom question answering knowledge base, or a LUIS app.
Custom text classification supports two project types: single-label (each document belongs to exactly one mutually exclusive category) and multi-label (a document can have multiple categories).
Custom Named Entity Recognition (Custom NER) trains on labeled examples to extract domain-specific entities (e.g., policy numbers, claim IDs) not covered by prebuilt NER.
Prebuilt NER recognizes categories such as Person, Location, Organization, DateTime, Quantity, and more without training.
Sentiment analysis returns positive/negative/neutral with confidence scores; enabling opinion mining (aspect-based) links sentiments to specific opinion targets (e.g., 'the food' vs. 'the service').
Key phrase extraction and language detection are prebuilt Azure AI Language features requiring no model training; language detection returns the language with a confidence score.
Text summarization offers extractive (selects key sentences) and abstractive (generates new summary text) modes, plus conversation summarization.
PII detection identifies and can redact categories such as SSNs, credit card numbers, passport numbers, email addresses, and phone numbers.
Custom Question Answering builds a knowledge base from documents/FAQs and returns ranked answers to user questions (successor to QnA Maker).
Azure AI Translator translates text from one source language to multiple target languages in a single request and supports a dynamic dictionary feature (using mstrans markup in the request) to force specific translations of terms.
Speech-to-text supports real-time transcription via the Speech SDK and batch transcription; train a custom speech model with domain audio/transcripts to improve accuracy for jargon or noisy audio.
Text-to-speech supports SSML to control speaking rate, pitch, pauses, and emphasis, and offers neural and custom neural voices.
Speech translation provides real-time speech-to-speech and speech-to-text translation across languages via the Speech SDK.

Domain 5: Implement Knowledge Mining and Document Intelligence

Key concepts you must know · 143 practice questions

Azure AI Search has four core components: a data source (connection to the data store, e.g., Blob Storage), a skillset (AI enrichment), an indexer (orchestrates the pipeline), and an index (queryable schema that stores results).
The indexer pipeline runs in this order: document cracking, skillset enrichment, output field mappings, then index population (field mappings map source fields to index fields).
A skillset contains built-in cognitive skills (language detection, key phrase extraction, entity recognition, OCR, image analysis) chained together, and can include custom skills.
A custom skill (Web API skill) calls external logic such as an Azure Function with an HTTP trigger or an Azure ML endpoint, defined in the skillset with input/output mappings.
A knowledge store persists enriched output to storage: table projections write structured rows to Azure Table Storage (good for Power BI), and object projections write JSON blobs to Azure Blob Storage.
Vector search in an index requires a vector field of type Collection(Edm.Single) with an assigned vector search profile and a vector search algorithm configuration such as HNSW (or exhaustive KNN).
Semantic ranking (semantic configuration with the semantic ranker) re-ranks results using deep-learning models to better match the semantic meaning of the query, and can return captions and answers.
Field mappings (in the indexer) handle source-to-index field name/encoding differences; output field mappings map enriched data produced by skills into the index.
Azure AI Document Intelligence (formerly Form Recognizer) provides prebuilt models including Invoice, Receipt, Identity document, W-2, Layout, and General Document.
The prebuilt Layout model extracts text, tables, selection marks, and document structure; the General Document model adds key-value pairs.
Use a custom extraction model when you need fields from a form unique to your organization; you label sample documents and the service trains a model that returns those fields with confidence scores.
Custom models in Document Intelligence include custom template (form layouts are consistent) and custom neural (variation in layout), plus composed models that combine several custom models.
Document Intelligence returns confidence scores and bounding region (polygon) coordinates for every extracted field, enabling human-in-the-loop review of low-confidence values.
Integrated vectorization in Azure AI Search can automatically chunk and embed documents during indexing, building a vector index for RAG without a separate pipeline.

Domain 6: Implement Generative AI Solutions

Key concepts you must know · 135 practice questions

GPT models are deployed in an Azure OpenAI resource managed through Azure AI Foundry (formerly Azure AI Studio); a deployment specifies the model, version, and capacity (tokens per minute) and provides the endpoint.
The system message defines the assistant's persona, role, output format, and global behavior constraints; instructions about tone and format belong here.
Temperature controls randomness: lower values (near 0) give deterministic, grounded outputs; higher values increase creativity. top_p (nucleus sampling) is the alternative randomness control.
Retrieval-Augmented Generation (RAG) combines a retrieval system (e.g., Azure AI Search) that fetches relevant documents with a generative model that produces grounded responses; it grounds answers without changing model weights.
Azure OpenAI On Your Data is the built-in RAG feature that connects an Azure AI Search index to a deployment and instructs the model to answer from retrieved data, with no fine-tuning required.
Embedding models such as text-embedding-ada-002, text-embedding-3-small, and text-embedding-3-large convert text into dense vectors for semantic similarity search.
Fine-tuning trains a base model on a JSONL training dataset of prompt-completion (or chat) example pairs to adapt style/format; you need a deployed base model to fine-tune from. Use fine-tuning for behavior/format, RAG for knowledge.
Function calling (tool use) lets you define function schemas in the request; the model returns which function and arguments to call, your application executes it and returns the result to the model.
To reduce hallucination and force grounding, lower the temperature, provide specific details in the prompt context, and instruct the model in the system message to answer only from the provided information.
Manage context-window limits by summarizing or truncating older conversation messages; choose a model with a large context window (e.g., 128K tokens) when needed.
Azure OpenAI content filtering classifies both prompts and completions across Hate and fairness, Sexual, Violence, and Self-harm, with configurable severity thresholds.
Azure AI Foundry provides a prompt flow visual editor for LLM orchestration, built-in evaluation tools to test outputs against ground truth, and a model catalog of foundation models from multiple providers.
Few-shot learning (including examples in the prompt/system message) and clear instructions improve output quality without training; zero-shot relies on instructions alone.
Provisioned Throughput Units (PTUs) offer reserved, predictable capacity and latency for high-volume Azure OpenAI workloads, versus pay-as-you-go standard deployments.

Domain 7: Implement Agentic Solutions

Key concepts you must know · 48 practice questions

An AI agent autonomously plans, reasons, and takes actions using tools to accomplish goals with minimal human intervention, iterating based on observations (unlike a passive chatbot).
A tool (function) is defined with a name, description, and a JSON schema describing its parameters; clear tool descriptions and system instructions are critical so the agent picks the right tool.
The Microsoft Foundry Agent Service (Azure AI Agent Service) requires an Azure AI Foundry project with a connected Azure OpenAI deployment to power agent reasoning.
Built-in agent tools include File Search (connected to a vector store of indexed documents for grounding), Code Interpreter, and Function calling for custom actions.
The ReAct (Reasoning and Acting) pattern has the agent alternate between thinking, acting (calling a tool), and observing results until the goal is met.
Agent memory persists conversation context and user information; create a separate conversation thread per user with isolated memory so contexts do not leak between users.
Multi-agent orchestration patterns include round-robin (agents take turns), supervisor (a coordinator delegates to specialized agents), two-agent chat (exchange until termination), and GroupChat with a group chat manager.
Microsoft AutoGen and Semantic Kernel are frameworks for building multi-agent systems with asynchronous message passing between agents.
Apply least privilege to agent tools (grant only the access needed) and use role-based access control with scoped memory so each agent reads only data relevant to its function.
Implement human-in-the-loop checkpoints for high-stakes actions; for example, a refund tool should require human approval for amounts over a defined threshold via a programmatic check in the function.
Manage long conversations within token limits using a sliding window plus summarization of older messages to retain relevant context.
Evaluate agents with end-to-end testing on representative user scenarios and adversarial testing for malicious inputs and edge cases; track metrics like task completion rate (percentage of requests successfully resolved).
Agent safety mitigations map to concerns: prompt injection -> Prompt Shields/input validation, data leakage -> scoped memory and RBAC, harmful output -> content filtering, and unauthorized actions -> human approval and least privilege.
Connected/knowledge tools let agents call Azure AI Search, Bing grounding, or external OpenAPI-described APIs to retrieve fresh, grounded information at run time.

AI-102 exam tips

Master service selection: many questions describe a business scenario and ask which Azure AI service fits. Build a mental decision table mapping needs (extract form fields, moderate images, recognize intent, ground answers in your data) to the exact service.
Know the security and management story cold: private endpoints + disable public access, Entra ID over keys, Key Vault for secrets and CMK, Azure Monitor + Log Analytics for diagnostics, and the six Responsible AI principles.
Memorize concrete numbers and defaults: Content Safety severity scale (0/2/4/6), the four harm categories, low temperature for deterministic output, embedding model names, HNSW for vector search, and the indexer pipeline order.
Distinguish overlapping features: fine-tuning (style/format) vs. RAG (knowledge); single-label vs. multi-label classification; Custom NER vs. prebuilt NER; Custom Vision classification vs. object detection; extractive vs. abstractive summarization.
Read scenario questions for the deciding constraint (cost, latency, data residency, on-premises/disconnected, network isolation, or no model training allowed) - that constraint usually eliminates all but one answer.

Study guide FAQ

How is AI-102 scored and what do I need to pass?

Microsoft exams are scored on a scaled range of roughly 1-1000, and you need 700 to pass. Scoring is not a simple percentage because questions are weighted, and you are not penalized for wrong answers, so answer every question. You have about 120 minutes.

Do I need to write code, and in which languages?

Yes, AI-102 assumes hands-on developer skills. You should be comfortable calling Azure AI services via REST and the Azure SDKs, primarily C# (.NET) and Python, and understand the Speech SDK, the Azure OpenAI SDK, and Azure AI Search index/skillset/indexer JSON definitions.

How much of the exam is about generative AI and agents now?

Generative AI and agentic solutions are a significant and growing portion. Expect strong coverage of Azure OpenAI deployments, prompt engineering, RAG with Azure AI Search and 'On Your Data', fine-tuning, function calling, content filtering, and the Azure AI Foundry Agent Service with tools, memory, and multi-agent orchestration.

What is the difference between Azure AI Search and Azure AI Document Intelligence?

Azure AI Search is a knowledge-mining platform that indexes and enriches large content sets to make them searchable (full-text, vector, and semantic search) using data sources, skillsets, indexers, and indexes. Document Intelligence extracts structured fields, key-value pairs, and tables from individual documents using prebuilt or custom models. They often work together: Document Intelligence can be a skill feeding extracted data into an Azure AI Search index.

Test yourself: 873 AI-102 practice questions