CertPrepNow
MicrosoftAI-2004 domains

AI-200 Exam Notes

Last-minute traps, must-know facts, and scenario tips for the Microsoft Certified: Azure AI Cloud Developer Associate exam.

General Exam Tips

  • 1.Read ALL four answer options before choosing — AI-200 uses near-miss distractors that are almost correct but miss one key requirement
  • 2.Map the data flow before selecting a service — the right Azure primitive almost always surfaces when you trace where data lives and how it moves
  • 3.Any answer mentioning connection strings stored in code or environment variables is almost certainly wrong — the correct pattern is managed identity + RBAC
  • 4.The exam tests the back-end plumbing that runs AI in production, not AI model selection or training — think containers, vector stores, messaging, and observability
  • 5.Domain 2 (AI Data Management Services) is 28% of the exam — roughly 14 questions. If pressed for time, over-invest study hours here
  • 6.There is no penalty for wrong answers — flag uncertain questions, finish the exam, and return with fresh eyes
  • 7.Case studies present a multi-paragraph scenario then ask 4-6 questions. Read the requirements table first before the narrative
  • 8.Beta exam note: AI-200 is in beta as of June 2026. Scores may take up to 8 weeks to arrive. The content and format are the same as GA
Domain 123% of exam

Develop Containerized Solutions on Azure

Must-Know Facts

  • Container Apps vs AKS decision rule: Container Apps = serverless, KEDA-based, no Kubernetes manifest knowledge required; AKS = full Kubernetes, manifest files, ConfigMaps, node pool management, GPU workloads
  • ACR Tasks automate image builds on code commit OR base image update — distinct from manual docker build + push workflows
  • KEDA event-driven scaling in Container Apps: Service Bus queue depth, Event Grid events, HTTP requests, CPU, and custom metrics are all valid KEDA sources
  • Container Apps revisions are IMMUTABLE — every configuration change (scaling rule, env var, image tag) creates a new revision, not an in-place update
  • AKS persistent storage: Azure Disk = ReadWriteOnce (single pod, block storage, high IOPS); Azure Files = ReadWriteMany (multiple pods simultaneously, SMB/NFS)
  • ConfigMaps in AKS store NON-sensitive data (feature flags, environment URLs). Kubernetes Secrets (or Key Vault CSI driver) store sensitive data like passwords
  • Container Insights + KQL is the monitoring solution for both AKS and Container Apps — not Application Insights for container-level diagnostics
  • App Service can host containers but is the simplest option with fewest controls — used when you need a basic web endpoint without orchestration needs

Common Traps

TrapThinking KEDA HTTP scaling in Container Apps never scales to zero
RealityHTTP scaling in Container Apps defaults to minReplicas=0, meaning it CAN scale to zero just like non-HTTP triggers. The default scale rule table shows HTTP: min=0, max=10. To prevent scale-to-zero for HTTP (e.g., to avoid cold-start latency), you must explicitly set minReplicas=1 or higher. The exam may test whether you know that zero-replica HTTP is the default, not an opt-in feature.
TrapAssuming AKS is always the answer for production container workloads
RealityContainer Apps is the right choice when the team does not need full Kubernetes control and wants automatic KEDA scaling, Dapr integration, and revision management. AKS is correct when you need GPU nodes, custom taints/tolerations, complex networking, or are an existing Kubernetes shop.
TrapUpdating an existing Container App scaling rule in place
RealityYou cannot modify an existing revision. Every change — including scaling rules — creates a new immutable revision. In multi-revision mode, traffic can be split between revisions during rollout.
TrapUsing Azure Disk for shared storage across AKS pods
RealityAzure Disk only supports ReadWriteOnce — it can only be mounted by a single node at a time. When multiple pods across nodes need simultaneous read-write access, Azure Files (ReadWriteMany) is the correct choice. Choosing Disk for shared workloads causes mount failures.
TrapTreating ACR Tasks as just a CI/CD tool
RealityACR Tasks has a base image trigger that monitors upstream public or private images and automatically rebuilds your image when the base changes. This is distinct from a code commit trigger and is specifically what the exam tests for dependency-driven rebuild scenarios.

Confusing Pairs

Azure Container AppsAzure Kubernetes Service (AKS)

Container Apps = managed serverless containers, KEDA auto-scaling, revision management, no YAML manifests required, best for microservices and event-driven workloads. AKS = full managed Kubernetes, manifest files mandatory, ConfigMaps/Secrets/PVCs you manage directly, best for GPU workloads, complex orchestration, or teams already running Kubernetes. Key signal in exam questions: if the scenario mentions manifest files, taints, or GPU nodes — choose AKS. If it mentions KEDA scaling rules and event-driven scaling — choose Container Apps.

Azure Disk (AKS storage)Azure Files (AKS storage)

Azure Disk = block storage, ReadWriteOnce (RWO), single pod/node mount, high IOPS for databases and ML model checkpoints. Azure Files = SMB/NFS shared file storage, ReadWriteMany (RWX), multiple pods on different nodes can mount simultaneously. If the question asks about shared access or multi-pod mount — always Azure Files.

Container Apps (single revision mode)Container Apps (multi-revision mode)

Single revision = only one active revision at a time, new deployment immediately replaces the old one, simpler for non-critical services. Multi-revision = multiple active revisions with traffic splitting (e.g. 90/10 for canary deployments), enables gradual rollouts with traffic weights. The exam may ask which mode is needed for a blue-green or canary deployment scenario.

Scenario Tips

If the question asks about:

When the question asks about scaling a containerized AI service based on Azure Service Bus queue depth

Answer:

Configure a KEDA Azure Service Bus scaler on the Container App with the queue name and target message count threshold, setting minReplicas to 0 for scale-to-zero

Distractor to avoid:

CPU-based autoscaling — this reacts to compute load after messages are already being processed, not proactively to queue depth before load materializes

If the question asks about:

When the question asks about automatically rebuilding a container image whenever the upstream base Python image is updated

Answer:

Use ACR Tasks with a base image trigger pointing to the base image repository

Distractor to avoid:

Azure DevOps scheduled pipeline — that runs on time intervals, not on base image change events

If the question asks about:

When the question describes an AI workload needing GPU nodes, custom node taints, and direct Kubernetes API access

Answer:

Use AKS — Container Apps abstracts all Kubernetes primitives and does not expose GPU node pools, taints, tolerations, or the Kubernetes API

Distractor to avoid:

Container Apps with custom scaling — Container Apps does not support GPU nodes or Kubernetes-level resource constraints

If the question asks about:

When the question asks which Kubernetes resource stores non-sensitive configuration data used by multiple pods

Answer:

ConfigMap — stores key-value pairs for environment variables, config files, or command-line arguments that are not sensitive

Distractor to avoid:

Kubernetes Secrets — Secrets are for sensitive data. Using Secrets for non-sensitive config is technically possible but wrong in exam context where ConfigMap is explicitly the right answer

Last-Minute Facts

1Container Apps minimum replicas default = 0 for ALL trigger types (HTTP and non-HTTP); set minReplicas=1 explicitly to prevent scale-to-zero
2AKS Azure Disk access mode = ReadWriteOnce (RWO); Azure Files access mode = ReadWriteMany (RWX)
3ACR Tasks trigger types: quick task (manual), automated task (code commit or base image update)
4Container Apps revision change triggers: new image, env var change, scaling rule change, secret reference change
5KEDA stands for Kubernetes Event-driven Autoscaling — it is built into Container Apps, not a separate install
Domain 228% of exam

Develop AI Solutions by Using Azure Data Management Services

Must-Know Facts

  • Cosmos DB session consistency is the DEFAULT — not strong. Session consistency gives consistent reads for the same client session but may return slightly stale data for other clients
  • Cosmos DB cross-partition queries consume significantly more RUs than single-partition queries with the partition key in the WHERE clause — partition key design is a performance multiplier
  • Cosmos DB indexing policy: by default ALL paths are indexed. Excluding unused paths from the index REDUCES RU consumption on writes
  • pgvector HNSW does NOT require reindexing after data changes — it is a graph-based index that updates incrementally. IVFFlat DOES require periodic reindexing (VACUUM ANALYZE) as data distribution shifts
  • pgvector distance operators: <-> for L2 (Euclidean), <=> for cosine distance, <#> for negative inner product (dot product). Cosine distance is standard for normalized text embeddings
  • Azure Managed Redis vector search requires Enterprise tier — the Basic and Standard tiers do NOT support the RediSearch module needed for vector indexing
  • Cosmos DB change feed processor requires a lease container — this is a separate Cosmos DB container that tracks which changes have been processed
  • RAG pattern with pgvector: store document chunks as rows with a vector column, query with ORDER BY embedding <=> $1 LIMIT k, apply metadata filters in a WHERE clause before the ORDER BY for hybrid search
  • Connection pooling (pgBouncer) is mandatory for PostgreSQL at scale — without it, each new request opens a new connection and you hit the connection limit quickly under concurrent AI workloads

Common Traps

TrapThinking Cosmos DB strong consistency is the default or cheapest option
RealitySession consistency is the default. Strong consistency requires reading from all replicas and costs more RUs per read. Eventual consistency is cheapest but may return stale data. The exam will test whether you know which level to choose for a given consistency vs cost tradeoff.
TrapTreating pgvector HNSW and IVFFlat as equivalent index options that only differ in speed
RealityHNSW maintains accuracy as data grows and does not need reindexing, but uses more memory and takes longer to build initially. IVFFlat is fast to build and uses less memory, but recall accuracy degrades as data changes until you re-run VACUUM ANALYZE. For production RAG with frequent data updates, HNSW is almost always preferred.
TrapAssuming Cosmos DB and PostgreSQL pgvector are interchangeable for vector search
RealityCosmos DB vector search is best for document-centric, globally distributed workloads where you do not need relational joins. PostgreSQL pgvector is best when you need relational data model, SQL joins, WHERE-clause metadata filters combined with vector search in a single query. If the question mentions 'hybrid search with SQL filters' — pgvector. If it mentions 'global distribution' or 'flexible schema' — Cosmos DB.
TrapUsing Cosmos DB partition key as just a field for organization
RealityThe partition key is the most critical performance decision for Cosmos DB. It cannot be changed after container creation. A bad partition key creates hot partitions where one partition receives most traffic, wasting RUs. The exam expects you to identify partition key anti-patterns like using a field with very low cardinality (e.g., a boolean) or a field that concentrates writes.
TrapThinking Azure Managed Redis Standard tier supports vector search
RealityVector indexing in Redis requires the RediSearch module, which is only available on the Enterprise tier. Standard and Basic tiers support basic key-value operations, caching, and pub/sub, but NOT vector similarity search.
TrapApplying metadata filters AFTER a vector similarity search (post-filter)
RealityIn pgvector, applying WHERE clause filters BEFORE the ORDER BY embedding distance (pre-filter) is more efficient because it reduces the candidate set before computing distances. Post-filtering (filtering after the vector search) can miss relevant results if the top-k limit was already applied.

Confusing Pairs

Cosmos DB for NoSQL (vector search)Azure Database for PostgreSQL (pgvector)

Cosmos DB = document store, globally distributed multi-region, RU-based pricing, schema-free, built-in vector search on the NoSQL API, best for high-scale distributed AI apps. PostgreSQL + pgvector = relational model, SQL joins, WHERE-clause + vector search in one query (hybrid search), traditional compute pricing. Key exam signal: 'relational data' or 'hybrid SQL + vector search' points to pgvector; 'global distribution' or 'flexible schema' points to Cosmos DB.

HNSW index (pgvector)IVFFlat index (pgvector)

HNSW = Hierarchical Navigable Small World graph, faster queries at query time, no reindexing needed as data grows, higher memory and slower initial build. IVFFlat = inverted file index, fast to build, lower memory, but needs VACUUM ANALYZE / reindexing as data changes to maintain recall. Exam shortcut: HNSW for production workloads with frequent inserts; IVFFlat for large static datasets where build cost matters.

Cosmos DB consistency: StrongCosmos DB consistency: Session

Strong = reads always return the most recent committed version, reads from any replica are consistent, highest RU cost, no read-stale-data risk. Session = consistent reads within the same client session, other sessions may see slightly stale data, DEFAULT level, lower cost. The exam traps you by implying strong is needed when session actually satisfies the requirement — if the consistency requirement is per-user, session is sufficient.

Cosmos DB change feed processorAzure Functions Cosmos DB trigger

Change feed processor = SDK component you embed in your application code, gives fine-grained control over lease management and checkpointing, best for long-running stateful processors. Azure Functions Cosmos DB trigger = serverless wrapper around the change feed, simpler to configure, best for stateless event-driven processing. Both read from the change feed, but trigger is 'fire and forget' serverless while processor is for persistent stream processing.

Scenario Tips

If the question asks about:

When the question asks about the fastest vector search query performance at query time and the team can tolerate long index build time

Answer:

Choose HNSW index — it delivers the best query latency and recall accuracy once built, at the cost of longer initial build time and higher memory usage

Distractor to avoid:

IVFFlat — it builds faster but is slower at query time, making it wrong when 'fastest query performance' is the stated requirement

If the question asks about:

When the question describes a Cosmos DB container receiving millions of documents and asks about reducing RU consumption on writes

Answer:

Modify the indexing policy to exclude paths that are never queried — fewer indexed paths means lower RU cost per write

Distractor to avoid:

Increasing RU throughput — that adds capacity but does not reduce per-operation cost, and the question asks about optimizing consumption not just handling load

If the question asks about:

When the question asks which Cosmos DB consistency level to choose for a single-user chat application where each user must always see their own latest messages

Answer:

Session consistency — it guarantees that reads within the same client session always reflect the latest writes from that session, which is exactly what a single-user chat requires, at lower cost than Strong

Distractor to avoid:

Strong consistency — technically correct but costs more RUs and is unnecessary when per-session consistency is sufficient for the requirement

If the question asks about:

When the question asks about detecting and processing new items added to a Cosmos DB container to trigger downstream AI enrichment

Answer:

Use the Cosmos DB change feed processor with a separate lease container, or an Azure Functions Cosmos DB trigger — both read new and updated items in order

Distractor to avoid:

Cosmos DB stored procedures — these execute within a transaction context, not for external event-driven processing

If the question asks about:

When the question describes a RAG pipeline needing vector similarity search combined with filtering by document category and date

Answer:

Use PostgreSQL pgvector with a WHERE clause on category and date BEFORE the ORDER BY embedding <=> $1 LIMIT k — this is the pre-filter hybrid search pattern

Distractor to avoid:

Cosmos DB vector search — while Cosmos DB supports vector search, it does not handle relational joins and hybrid SQL filtering as elegantly as pgvector's integrated WHERE + ORDER BY pattern

Last-Minute Facts

1Cosmos DB DEFAULT consistency = Session (not Strong, not Eventual)
2Cosmos DB partition key CANNOT be changed after container creation
3pgvector: <-> = L2 distance, <=> = cosine distance, <#> = negative inner product
4HNSW: no reindexing needed; IVFFlat: requires VACUUM ANALYZE after data changes
5Azure Managed Redis vector search = Enterprise tier ONLY (not Basic or Standard)
6Cosmos DB change feed lease container = required, separate container, tracks processor progress
7pgBouncer = connection pooler for PostgreSQL, prevents connection pool exhaustion at scale
8Cosmos DB indexing: all paths indexed by default; excluding paths reduces write RU cost
Domain 324% of exam

Connect to and Consume Azure Services

Must-Know Facts

  • Service Bus vs Event Grid: Service Bus = messages (commands to be processed, pulled by consumers, guaranteed delivery, ordering, dead-lettering). Event Grid = events (state change notifications, pushed to subscribers, near-real-time, lighter weight)
  • Service Bus PeekLock mode: message is locked during processing, explicitly completed or abandoned. ReceiveAndDelete: message deleted immediately upon receive — if processing fails, message is PERMANENTLY LOST
  • Dead-letter queue (DLQ): receives messages that exceed MaxDeliveryCount, have expired TTL, or failed filter evaluation. DLQ messages do NOT automatically return to the main queue — you must explicitly process them
  • Azure Functions Service Bus trigger uses PeekLock by default — an unhandled exception causes the message to be abandoned and retried up to MaxDeliveryCount before moving to DLQ
  • Event Grid subject filters are case-sensitive — /subscriptions/Production will NOT match /subscriptions/production
  • Event Grid dead-lettering sends failed events to a STORAGE BLOB CONTAINER, not a Service Bus queue
  • Azure Functions output bindings: write data to Cosmos DB, Service Bus, Event Grid, Storage, etc. without writing explicit SDK code — the binding handles it
  • Azure Functions input bindings: read data from services at function invocation time without SDK code — useful for loading context data before processing

Common Traps

TrapThinking Service Bus ReceiveAndDelete is safer because it's simpler
RealityReceiveAndDelete removes the message the moment it's received. If your function crashes mid-processing, the message is gone with no retry. PeekLock keeps the message locked until you explicitly complete() or abandon() it — use PeekLock for any workload where you cannot afford to lose messages.
TrapAssuming dead-letter queue messages will eventually return to the main queue on their own
RealityDLQ messages are parked permanently until a separate process explicitly reads and handles them. You need a separate Azure Function or consumer that monitors the DLQ, inspects the DeadLetterReason, and either fixes and re-submits or discards them.
TrapUsing Event Grid for ordered, reliable message processing
RealityEvent Grid is push-based and does not guarantee delivery order. It is not appropriate for command processing where ordering matters or where you need transactional guarantees. Use Service Bus queues (FIFO) or Service Bus with message sessions for ordered processing.
TrapThinking Event Grid dead-lettering goes to a Service Bus DLQ
RealityEvent Grid dead-lettering stores failed events in an Azure Storage Blob container (not a Service Bus queue). You configure a storage account blob container URL as the dead-letter destination on the event subscription.
TrapWriting explicit Cosmos DB SDK code in a Function when an output binding would work
RealityThe exam favors output bindings over manual SDK code when the question asks how to 'minimize code' or 'simplify integration.' An HTTP trigger + Cosmos DB output binding writes to Cosmos DB without a single SDK import.

Confusing Pairs

Azure Service BusAzure Event Grid

Service Bus = enterprise message broker, messages (commands), pulled by consumers, guaranteed delivery, ordering with sessions, dead-letter queue, supports batching and transactions. Event Grid = event routing, events (notifications), pushed to subscribers, near-real-time, no ordering guarantee, dead-letters to blob storage. Memory hook: Service Bus = TODO list (commands you must complete). Event Grid = newsletter (notifications of what happened).

Azure Service Bus QueueAzure Service Bus Topic/Subscription

Queue = point-to-point, one consumer processes each message, simple FIFO. Topic + Subscriptions = publish-subscribe, each subscription gets a copy of every message, multiple independent consumers each process all messages. Use Topic when multiple services need to react to the same message independently.

Service Bus PeekLockService Bus ReceiveAndDelete

PeekLock = locks message during processing, requires explicit complete() or abandon(), safe for at-least-once delivery, DEFAULT for Azure Functions trigger. ReceiveAndDelete = immediately removes message on receive, no retry possible on failure, use only for idempotent fire-and-forget operations where loss is acceptable.

Azure Functions input bindingAzure Functions output binding

Input binding = data read FROM a service INTO the function at invocation time (e.g., read a Cosmos DB document by ID). Output binding = data written FROM the function TO a service (e.g., write result to Cosmos DB container). Both eliminate explicit SDK code. You can have multiple input AND output bindings on a single function.

Scenario Tips

If the question asks about:

When the question asks about a message queue where messages that fail processing 10 times should be automatically moved out of the main queue for inspection

Answer:

Service Bus dead-letter queue — when MaxDeliveryCount is exceeded, Service Bus automatically moves the message to the DLQ without any additional configuration

Distractor to avoid:

Event Grid dead-lettering — Event Grid dead-letters to a blob storage container, not a queue, and it is for events not commands. Also, the question describes ordered, command-style processing which is Service Bus.

If the question asks about:

When the question describes multiple independent downstream services that each need to process every AI training completion event

Answer:

Service Bus Topic with one Subscription per downstream service — each subscription receives its own independent copy of every message

Distractor to avoid:

Service Bus Queue — a queue delivers each message to only ONE consumer; the first service to pick it up gets it, and other services never see that message

If the question asks about:

When the question asks how to build a serverless function that reads an HTTP request, looks up a record from Cosmos DB by ID, and writes a result back to Cosmos DB with minimal code

Answer:

HTTP trigger + Cosmos DB input binding (for the lookup) + Cosmos DB output binding (for the write) — no SDK code needed for either data operation

Distractor to avoid:

HTTP trigger with explicit CosmosClient SDK calls — this works but contradicts the 'minimal code' requirement that signals to use bindings

If the question asks about:

When the question asks about filtering Event Grid subscriptions to only receive events from a specific environment tag in the event subject

Answer:

Advanced subject filter or event data filter on the Event Grid subscription — advanced filters can match on custom event data properties or subject patterns

Distractor to avoid:

Service Bus topic SQL filters — SQL filters apply to Service Bus, not Event Grid. These are completely different filtering mechanisms for different services.

Last-Minute Facts

1Service Bus MaxDeliveryCount default = 10 (after 10 failed deliveries, message goes to DLQ)
2Service Bus PeekLock = DEFAULT for Azure Functions trigger (not ReceiveAndDelete)
3Event Grid dead-letter destination = Azure Storage Blob container (NOT Service Bus DLQ)
4Event Grid subject filters are CASE-SENSITIVE
5Service Bus sessions = required for strict ordering across multiple messages from the same logical entity
6Azure Functions output binding = no explicit SDK code needed to write to Cosmos DB, Service Bus, etc.
7Service Bus Topic = each subscription gets a COPY of every message (fan-out pattern)
Domain 425% of exam

Secure, Monitor, and Troubleshoot Azure Solutions

Must-Know Facts

  • OpenTelemetry replaces Application Insights SDK on AI-200 — questions reference ActivitySource (for spans/traces) and Meter (for metrics), NOT TelemetryClient
  • Managed identities = ALWAYS the correct answer when asked how to authenticate to Azure services without storing credentials — never store connection strings in code
  • System-assigned managed identity: 1:1 with the Azure resource, deleted when resource is deleted, cannot be shared. User-assigned: standalone, shareable across multiple resources, persists after resource deletion
  • Key Vault soft-delete is ENABLED BY DEFAULT on all new vaults and cannot be disabled — deleted secrets are recoverable for 7-90 days depending on retention policy
  • Key Vault vs App Configuration: Key Vault = secrets (passwords, API keys, certificates, connection strings). App Configuration = settings (feature flags, non-sensitive configuration). App Configuration can reference Key Vault secrets via Key Vault references
  • KQL case sensitivity: string comparisons with == are case-sensitive; use =~ for case-insensitive comparisons — this is a common KQL trap
  • OpenTelemetry ActivitySource creates Spans within a trace; a trace is a collection of spans representing an end-to-end request. W3C TraceContext headers propagate trace context between services
  • Azure Monitor receives OpenTelemetry telemetry via the Azure Monitor OpenTelemetry Distro exporter — UseAzureMonitor() is the one-line setup, with custom spans added via ActivitySource

Common Traps

TrapReferencing TelemetryClient or the Application Insights SDK in OpenTelemetry questions
RealityAI-200 explicitly tests OpenTelemetry, not the proprietary Application Insights SDK. TelemetryClient is the old SDK. The new pattern is: ActivitySource for custom spans/traces and Meter instruments (Counter, Histogram, Gauge, ObservableGauge) for custom metrics. Any answer choice mentioning TelemetryClient is wrong for AI-200.
TrapUsing a service principal with client secret to authenticate containerized apps to Key Vault
RealityService principals with client secrets require storing the secret somewhere — defeating the purpose of Key Vault. The correct pattern is a managed identity on the Container App or AKS pod, granted the Key Vault Secrets User RBAC role. Zero credentials in code.
TrapThinking App Configuration can replace Key Vault for sensitive secrets
RealityApp Configuration stores non-sensitive configuration. It has Key Vault reference support — you store the Key Vault secret URI in App Configuration, but the actual secret value is always fetched directly from Key Vault at runtime. App Configuration is NOT an alternative to Key Vault for secrets.
TrapWriting KQL string comparisons with == and expecting case-insensitive matching
RealityKQL == is case-sensitive. 'Production' != 'production' in a KQL where clause. Use =~ for case-insensitive string comparison. This catches exam candidates who come from SQL backgrounds where string comparison is often case-insensitive by default.
TrapThinking managed identities can access Azure services without any additional configuration
RealityCreating a managed identity is only half the job. You must also assign the appropriate RBAC role to the identity on the target resource (e.g., 'Key Vault Secrets User' on the Key Vault, 'Cosmos DB Built-in Data Contributor' on the Cosmos account). The identity without a role assignment has zero access.
TrapAssuming Key Vault purge protection is optional for production
RealityPurge protection prevents even an authorized admin from permanently deleting a soft-deleted secret before the retention period expires. Without purge protection, a soft-deleted secret can be permanently purged immediately. The exam may present scenarios where immutable audit requirements mandate enabling purge protection.

Confusing Pairs

OpenTelemetry ActivitySourceOpenTelemetry Meter

ActivitySource = creates Spans (traces). Use it to instrument units of work — an HTTP call, a database query, an AI model call — creating a trace that shows latency and relationships across services. Meter = creates Metrics instruments (Counter for totals, Histogram for distributions, Gauge for point-in-time values). Use it to track business metrics — inference count, token usage, queue depth. Both are configured separately and exported to Azure Monitor.

System-Assigned Managed IdentityUser-Assigned Managed Identity

System-assigned = created with the resource, deleted with the resource, cannot be shared, simplest for single-resource scenarios. User-assigned = created independently, can be assigned to many resources, survives resource deletion, best when multiple resources need identical permissions. Exam signal: 'multiple services need same Key Vault access' = user-assigned. 'Single function needs Key Vault access' = either works, system-assigned is simpler.

Azure Key VaultAzure App Configuration

Key Vault = HSM-backed secrets store, for passwords/API keys/certificates/connection strings, full audit logging, rotation policies, cannot store feature flags or plain config well. App Configuration = centralized settings management, feature flags, environment labels, Key Vault references for sensitive values, NOT for secrets themselves. Use both together: App Configuration for all settings, Key Vault references for the ones that are sensitive.

OpenTelemetry (AI-200)Application Insights SDK (legacy)

OpenTelemetry = vendor-neutral, open standard, works with any backend, ActivitySource for traces, Meter for metrics, W3C TraceContext for propagation, what AI-200 tests. Application Insights SDK = Microsoft-proprietary, TelemetryClient API, tightly coupled to Azure Monitor, NOT tested on AI-200. If you see TelemetryClient in an answer — eliminate it.

Scenario Tips

If the question asks about:

When the question asks how to instrument a distributed AI pipeline across three Container Apps services for end-to-end tracing

Answer:

Install the OpenTelemetry SDK in each service, create an ActivitySource, start spans for each operation, and configure W3C TraceContext propagation for automatic context propagation across HTTP calls. Export to Azure Monitor via UseAzureMonitor()

Distractor to avoid:

Application Insights SDK with TelemetryClient — this is the legacy approach and is explicitly NOT what AI-200 tests. Any answer mentioning TelemetryClient is wrong.

If the question asks about:

When the question asks how to authenticate an AKS pod to Azure Key Vault without storing credentials anywhere

Answer:

Use workload identity (Azure AD Workload Identity) on the AKS pod, which projects a managed identity into the pod's service account token, granting it RBAC access to Key Vault without any secrets in the pod spec

Distractor to avoid:

Mount the Key Vault connection string as a Kubernetes Secret — this stores a credential in a Kubernetes Secret, which is still a credential (base64 encoded, not encrypted at rest by default)

If the question asks about:

When the question asks which KQL operator to use to count errors by service name regardless of case in the log data

Answer:

Use =~ for case-insensitive string comparison: where serviceName =~ 'inference-service' | summarize count() by serviceName

Distractor to avoid:

Using == (case-sensitive) — will miss records where the service name casing differs from what the query expects, silently returning incomplete results

If the question asks about:

When the question asks how to store an application setting that references a Key Vault secret so the app only needs one configuration source

Answer:

Store a Key Vault reference in Azure App Configuration — the value is the Key Vault secret URI, and the App Configuration SDK resolves it at runtime from Key Vault automatically

Distractor to avoid:

Store the secret value directly in App Configuration — App Configuration is not designed to protect secret values and does not have Key Vault-level access controls or audit logging

Last-Minute Facts

1OpenTelemetry: ActivitySource = traces/spans; Meter = metrics (Counter, Histogram, Gauge)
2W3C TraceContext = the header standard for propagating trace context across HTTP service boundaries
3Key Vault soft-delete = ON by default, 7-90 day retention, cannot be disabled on new vaults
4KQL == is CASE-SENSITIVE; use =~ for case-insensitive string matching
5Managed identity + RBAC role assignment = always the exam-correct authentication pattern (no credentials in code)
6User-assigned managed identity = shareable across multiple resources; system-assigned = 1:1 with resource
7App Configuration Key Vault reference = stores the URI of a Key Vault secret, not the value itself
8UseAzureMonitor() = the one-line OpenTelemetry setup for Azure Monitor export in .NET and Python

Feeling confident?

Put your knowledge to the test with a timed AI-200 mock exam.