DNS — Domain Name System: maps domain names to IP addresses
JWT — JSON Web Token: signed token for authentication; header.payload.signature
0 / 5 completed
1 / 5
A job description states: "You will design and maintain REST APIs consumed by web and mobile clients." What does REST stand for, and what is a REST API?
REST = Representational State Transfer. An architectural style for building web APIs, defined by Roy Fielding in 2000. "RESTful" APIs follow REST constraints and are the dominant style for web services today.
Key REST constraints: • Stateless — each request contains all information needed; the server holds no client session state • Uniform interface — standard HTTP methods: GET (read), POST (create), PUT/PATCH (update), DELETE (remove) • Resource-based — URLs represent resources, not actions: /users/42 not /getUser?id=42 • JSON — the standard data format for REST APIs today (though not required by REST itself)
REST vs. the alternatives: • REST — simple, widely understood, HTTP-based • GraphQL — client specifies exactly what data it needs; Facebook invented it • gRPC — Google's binary protocol over HTTP/2; fast for microservices • SOAP — XML-based, older enterprise standard; much more verbose than REST • WebSocket — persistent bidirectional connection; used for real-time (chat, live feeds)
2 / 5
A DevOps engineer references a CI/CD pipeline. A colleague asks what CI/CD means. Which answer is correct?
Continuous Integration (CI): Every time a developer commits code, an automated pipeline runs: build → unit tests → integration tests → code quality checks. Goal: catch problems immediately, never let the main branch break. "The CI pipeline failed on the authentication tests."
Continuous Delivery (CD): The software is always in a releasable state after passing CI. Deploying to production requires a human approval button. "We use CD — every Thursday we press the button to ship."
Continuous Deployment (also CD): Every commit that passes all automated tests is automatically deployed to production — no human button. Used by companies like Netflix, Etsy, Amazon. "We do continuous deployment — if tests pass, it goes live."
An interviewer asks: "Can you explain OOP and name the four pillars?" What does OOP stand for, and which option correctly lists the four pillars?
OOP = Object-Oriented Programming. A programming paradigm that organises code around objects — data structures that combine state (fields/properties) and behaviour (methods).
The four pillars:
1. Encapsulation — bundling data and methods together; hiding internal implementation details. A class exposes a public interface but hides how it works internally. "The User class encapsulates the password hashing logic."
2. Inheritance — a class inherits properties and methods from a parent class. Enables code reuse and hierarchical relationships. "AdminUser extends User — AdminUser inherits all User methods plus adds admin-specific ones."
3. Polymorphism — objects of different classes can be treated as instances of a common parent class. The same interface behaves differently based on the actual object. "shape.draw() behaves differently for Circle, Square, and Triangle."
4. Abstraction — exposing only necessary details; hiding complexity. A developer uses a Database class without knowing how connection pooling works internally.
A backend developer says: "We need to set up DNS records before the domain goes live — specifically an A record and a CNAME." What does DNS stand for and what does it do?
DNS = Domain Name System. The distributed system that maps domain names to IP addresses — the internet's phone book. Without DNS, you'd need to remember 93.184.216.34 instead of example.com.
Common DNS record types: • A record — maps a domain to an IPv4 address: example.com → 93.184.216.34 • AAAA record — maps to IPv6 address • CNAME — Canonical Name; alias one hostname to another: www.example.com → example.com • MX record — Mail Exchange; routes email: directs @example.com to a mail server • TXT record — text values; used for domain verification, SPF (email spam prevention), and DKIM • NS record — Name Server; identifies which DNS servers are authoritative for the domain
DNS TTL (Time to Live): how long DNS resolvers cache a record before re-querying. A low TTL (60s) means changes propagate quickly. A high TTL (86400s = 24h) is efficient but slow to update.
DNS propagation: after changing DNS settings, it can take minutes to 48 hours for the change to reach all resolvers worldwide.
5 / 5
A developer posts a PR description: "Authentication is handled using JWT tokens. The token is signed with RS256 and expires after 15 minutes." What does JWT stand for and what is it?
JWT = JSON Web Token (pronounced "jot"). A compact, self-contained token for securely passing information between parties. Defined in RFC 7519.
JWT structure — three base64-encoded parts separated by dots: header.payload.signature
• Header — algorithm type: {"alg":"RS256","typ":"JWT"} • Payload — the claims (data): {"sub":"user_42","role":"admin","exp":1742000000} • Signature — cryptographic proof the token hasn't been tampered with
Common JWT claims: • sub (subject) — usually a user ID • exp (expiry) — Unix timestamp when the token expires • iat (issued at) — when the token was created • role / scope — custom claims for authorisation
Signing algorithms: • HS256 — HMAC-SHA256 (symmetric: same secret to sign and verify) • RS256 — RSA-SHA256 (asymmetric: private key signs, public key verifies — more secure)
Security note: JWTs are signed (tamper-proof) but not encrypted by default. The payload is base64-encoded, not hidden. Never store secrets in JWT payloads.