Oracle Cloud Infrastructure 2025 Generative AI Professional Advanced Practice Exam: Hard Questions 2025

You are designing a RAG (retrieval-augmented generation) system on OCI for a regulated enterprise. The legal team requires that the model must not answer using information outside a curated corpus, and the platform team requires the system to be resilient to prompt injection attempts embedded inside retrieved documents. The application must still provide useful answers, including citations. Which approach best satisfies these requirements?

A customer support chatbot built with a foundation model shows strong performance on common issues but fails on rare, policy-heavy edge cases. The business requires: (1) predictable policy compliance, (2) the ability to update policies weekly without retraining, and (3) auditability of what policy text influenced each answer. Which strategy is the best fit?

An OCI Generative AI Service deployment is experiencing intermittent latency spikes and occasional request failures during peak hours. You observe that the application sends long prompts containing repeated instructions and full conversation history, and also requests high max output tokens for every call. The business requirement is to reduce latency and failure rates while maintaining answer quality. What is the most effective first set of changes?

A team is building an internal code-assistant using OCI Generative AI Service. Source code and tickets are confidential. Security requires that no sensitive code is used to train any model and that access to the assistant is restricted by least privilege. The team also wants a way to prove which compartment and policies govern the service usage. Which design most directly meets these constraints?

You are troubleshooting a RAG application on OCI where the model consistently answers incorrectly despite relevant documents existing in the corpus. Testing shows the retriever often returns semantically similar but wrong passages (near-miss retrieval), especially for acronyms and product codenames. Which change is most likely to improve retrieval precision without retraining the foundation model?

A production application uses OCI Generative AI Service for summarizing medical notes. The summaries must be deterministic and reproducible for clinical review, and the system must minimize the chance of invented details. Which configuration and prompting strategy best supports these requirements?

You are integrating OCI Generative AI into a multi-tenant SaaS. Each tenant has its own knowledge base for RAG and strict data isolation requirements. Tenants share the same application deployment. What is the most robust architecture to prevent cross-tenant data leakage while maintaining operational simplicity?

A team built an agentic workflow that calls tools (database lookup, ticket creation, and email) based on the model’s output. During testing, the model occasionally issues tool calls with malformed parameters or attempts actions not allowed for the user. The team must enforce least privilege and ensure safe, correct tool execution. What is the best control pattern?

Your application team wants to cache model responses to reduce latency and cost. However, requests may contain sensitive customer data, and the same prompt text could appear across tenants with different entitlements. Which caching strategy best balances performance with security and correctness?

An enterprise must adopt OCI Generative AI for internal knowledge search. Governance requires: (1) demonstrable data minimization, (2) auditable access to models and knowledge sources, (3) separation of duties between developers and security administrators, and (4) a process to detect and respond to prompt-injection and data-exfiltration attempts. Which combination of controls best meets these requirements?