Microsoft Certified: Agentic AI Business Solutions Architect (beta) Practice Exam 2025: Latest Questions

A retail company wants a customer-support agent that can answer questions using internal policy documents stored in SharePoint and PDF files. The agent must cite sources and avoid inventing answers when the information is missing. What is the recommended architecture pattern?

Your organization is building an HR agent that will draft offer letters. The agent must always request human approval before sending any external email and must never send messages directly. Which design choice best enforces this requirement?

A finance agent needs to query an Azure SQL Database using the organization's identity platform. You must avoid storing database passwords or secrets in application code. What is the best approach?

You are integrating an agent into an enterprise workflow that has multiple steps: intake request, validate data, call an external system, and write results to a business system. You need reliability, state management, and the ability to resume after transient failures. Which orchestration approach is most appropriate?

A claims-processing agent extracts information from uploaded claim forms (scanned images and PDFs) and then reasons over the extracted text to determine missing fields. Which combination of capabilities best fits this requirement?

A procurement agent can create purchase orders (POs) in an ERP system via an API. A post-incident review found the agent created duplicate POs when the ERP API timed out. What is the best mitigation?

A company needs an internal agent that can use tools (search, database query, ticket creation) but must restrict actions based on the user's role (for example, only managers can approve refunds). Where should authorization be enforced for best security?

An agentic solution uses an enterprise knowledge base plus live product inventory data. Users complain that answers cite correct policy documents but report outdated inventory quantities. What is the most likely design issue and fix?

You are designing a multi-agent system where Agent A (intake) hands off to Agent B (research) and Agent C (action) that can execute transactions. You must minimize the risk of prompt injection from user-provided content influencing Agent C's actions. Which design is most appropriate?

A global enterprise requires an agent platform that supports: (1) region-based data residency, (2) auditable logs of tool calls and model outputs, and (3) rapid rollback when a new prompt/tool version causes regressions. Which approach best meets these requirements?

You are designing an agentic AI solution where an LLM-based agent must reliably execute a fixed sequence of business steps (validate customer, check inventory, reserve stock, create invoice) and produce an auditable trace of each step. Which design approach best fits this requirement?

A customer support agent must answer questions using only approved internal policy documents and must cite the exact passages used. Which approach best enforces this behavior?

You need to let a business agent read a file from Azure Blob Storage without embedding any storage account keys in code. What is the recommended approach?

An agent uses tool-calling to trigger actions in downstream systems (CRM updates, refunds). You are concerned about prompt injection causing the model to call tools with attacker-controlled parameters. What control most directly mitigates this risk?

Your organization wants to use an AI agent to automate procurement approvals. Approvals must follow a strict policy: certain categories require human approval, and any exception must be logged and justified. Which architecture pattern best supports this requirement?

A multi-agent solution is deployed for a sales operations team. Users report that the agent frequently provides outdated answers even though updated documents exist in the knowledge store. The retrieval layer returns the correct new documents when tested directly. What is the most likely cause?

You need to integrate a business agent with multiple enterprise systems (ERP, ticketing, email). The agent must correlate events, handle retries, and ensure that actions are executed exactly once even if downstream APIs intermittently fail. Which integration approach is most appropriate?

A regulated enterprise requires that every agent response be explainable and traceable to inputs, tools, and data sources. They also want to detect policy violations (e.g., PII disclosure) and block responses before they are returned. Which combination best meets the requirement?

Your agent must serve multiple business units with different data entitlements. The same user question should return different results depending on the user’s permissions, and the solution must prevent cross-tenant data leakage even through the LLM. Which design is most robust?

After deploying an agent that can execute financial adjustments, you discover that a subset of tool calls are missing from audit logs during peak load. The actions still occur in downstream systems. You must ensure audit completeness without significantly increasing latency. What is the best remediation?

A retail company is building an agent that recommends products and can place orders. The agent must ensure that only verified inventory and approved promotions are used, and it must be able to explain which sources influenced each recommendation. Which design best satisfies these requirements?

An enterprise wants to connect an HR policy agent to several internal tools (leave balance, payroll, benefits). Security requires that user permissions are enforced by the tools themselves, and the agent must not receive long-lived credentials. Which approach is most appropriate?

A customer support agent uses tools to update CRM cases. In production, some cases are being updated twice. Logs show the orchestrator sometimes retries tool calls after a transient network error, but it cannot determine whether the tool call already succeeded. What is the best fix?

A finance agent generates quarterly narratives and must cite supporting documents from a controlled repository. The team observes that the agent sometimes uses outdated policy PDFs even though newer versions exist. You need to improve retrieval freshness without increasing hallucinations. What should you do?

A healthcare provider is deploying a multi-agent workflow where one agent triages patient messages and another schedules appointments through a tool. Compliance requires that protected health information (PHI) is minimized in prompts, access to PHI is tightly scoped, and all actions are auditable end-to-end. Which architecture best meets these requirements?