Back End Developer Interview Questions
Q6: Why would you use microservices architecture?
Ans: The integration of several smaller independently deployable services into a single application defines microservices architecture. It increases the operation's adaptability since individual services may be built-in in multiple programming languages. As a result, you use the strengths of each language to meet the needs of each service.
Furthermore, the services, while interconnected, remain loosely linked, allowing for easier maintenance. Larger teams, in particular, benefit from the microservices architectural paradigm. However, there may be some issues with debugging and the like. A good developer should be able to recognize when certain types of architecture should be employed.
Q7: How to mitigate the SQL Injection risks?
Ans: To mitigate SQL injection:
- Prepared Statements with Parameterized Queries: Always guarantee that your SQL translator can distinguish between code and data. Never employ dynamic searches that fail to distinguish between code and data. Instead, use a static SQL query and then send the external input as a query parameter. Prepared Statements (with Parameterized Queries) forces the developer to create all of the SQL code beforehand and then provide each parameter to the query later.
- Use of Stored Procedures: A stored procedure is similar to a function in C that a database administrator can call whenever necessary. It does not entirely prevent SQL injection, but it does assist in reducing the risks of SQL injection by eliminating dynamic SQL creation within.
- White List Input Validation: Always utilize white list input validation and accept only developer-approved input. Never use the blacklist method since it is less secure than the whitelist method.
- Escaping All User Supplied Input
- Enforcing Least Privilege
Q8: What Is Sticky Session Load Balancing? What Do You Mean By "Session Affinity"?
Ans: A sticky session, also known as a session affinity technique, is another common load balancing approach that requires a user session to be serviced by an assigned machine at all times.
It is necessary to maintain session data available to all computers in a load-balanced server application where user information is kept in sessions. This may be prevented by providing a specific user session request from a single computer. As soon as a session is formed, the machine is connected with it. All requests in a given session are always sent to the associated computer. This guarantees that user data is only stored on one system and that load is shared.
This is generally accomplished through the use of the SessionId cookie. The cookie is provided to the client with the first request, and every subsequent request from the client must contain the same cookie to identify the session.
What Are The Issues With Sticky Session?
There are a few difficulties that you may encounter if you use this method.
- If the client browser does not support cookies, your load balancer will be unable to determine if a request is part of a session. This may result in odd behavior for those who do not use cookie-based browsers.
- If one of the machines fails or goes down, the user information (served by that computer) is destroyed, and there is no means to retrieve the user session.
Q9: What are the advantages of Web Services?
Ans: Some of the advantages of web services are:
- Interoperability: Web services are network-accessible and use the HTTP/SOAP protocol to transport data, as well as XML/JSON to transfer data; thus, they may be built in any programming language. Web services can be developed in Java and clients in PHP, and vice versa.
- Reusability: Many client apps can utilize the same web service at the same time.
- Loose Coupling: Because the client code for web services is completely independent of the server code, we have achieved loose coupling in our program.
- Easy to deploy and integrate: just like web applications.
- Multiple service versions: can be running at the same time.
Q10: What are the differences between continuous integration, continuous delivery, and continuous deployment?
Ans:
- Developers that use continuous integration push their changes back to the main branch as frequently as feasible. You escape the integration nightmare that normally occurs when individuals wait until release day to integrate their modifications into the release branch.
- Continuous delivery extends continuous integration that ensures you can rapidly and sustainably deploy new modifications to your clients. This implies that, in addition to automating your testing, you've also automated your release process, and you may deploy your application at any moment by pressing a button.
- Continuous deployment is a step above continuous delivery. Every update that makes it through all stages of your production pipeline is distributed to your consumers using this method. There is no human interaction, and only a failing test prevents a new modification from going into production.