https://www.geeksforgeeks.

org/software-
engineering/software-engineering-
interview-questions-and-answers/

✅ Basic & Core Concepts

1. What is Software Engineering?

Answer:
Software Engineering is the systematic approach to the development, operation, and
maintenance of software using engineering principles. It emphasizes quality, reliability, and
cost-efficiency.

2. What are the phases of the Software Development Life Cycle (SDLC)?

Answer:

1. Requirement Gathering
2. System Design
3. Implementation (Coding)
4. Testing
5. Deployment
6. Maintenance

3. What is the difference between Agile and Waterfall models?

The main difference between Agile and Waterfall lies in their approach to project
development.

 Waterfall is a linear and sequential model, where each phase—like requirements

gathering, design, development, and testing—is completed one after the other. It's
best suited for projects with well-defined and fixed requirements. Once a phase is
finished, it’s difficult to go back and make changes.
 Agile, on the other hand, is an iterative and flexible model. Work is divided into
small, manageable units called sprints, allowing for continuous feedback, testing,
and improvements. Agile is ideal for projects where requirements are likely to
change or evolve over time.

In summary, Waterfall is plan-driven, whereas Agile is adaptive and customer-focused.

4. What is the difference between Functional and Non-Functional
Requirements?

Answer:

 Functional: Describe what the system should do (e.g., login, search).

 Non-functional: Describe how the system should behave (e.g., performance, security,
usability).

5. What is Version Control? Name some tools.

Answer:
Version control is a system that tracks changes to code and allows multiple developers to
collaborate.
Examples: Git, Subversion (SVN), Mercurial

💡 Design & Architecture

6. What are the principles of Object-Oriented Programming (OOP)?

Answer:

 Encapsulation
 Abstraction
 Inheritance
 Polymorphism

7. What is a design pattern? Name a few.

Answer:
Design patterns are reusable solutions to common software design problems.
Examples: Singleton, Factory, Observer, MVC (Model-View-Controller)

8. What is SOLID in Software Engineering?

Answer:
A set of five design principles for writing maintainable OOP code:

 S – Single Responsibility
 O – Open/Closed
  L – Liskov Substitution
 I – Interface Segregation
 D – Dependency Inversion

🧪 Testing & QA
9. What is the difference between Unit Testing, Integration Testing, and
System Testing?

Answer:

 Unit Testing: Tests individual components.

 Integration Testing: Tests interaction between modules.
 System Testing: Tests the complete system as a whole.

10. What is Test-Driven Development (TDD)?

Answer:
TDD is a development process where tests are written before the actual code. It helps ensure
code correctness and encourages modular design.

🔐 Software Maintenance & DevOps

11. What is Continuous Integration (CI) and Continuous Deployment (CD)?

Continuous Integration (CI) is a development practice where developers frequently merge

their code changes into a shared repository, often multiple times a day. Each integration is
then automatically built and tested, which helps detect issues early and ensures the code is
always in a working state. The goal of CI is to improve code quality and reduce integration
problems.

Continuous Deployment (CD) takes this a step further by automatically deploying every
change that passes the CI pipeline to a production environment. This ensures that new
features, bug fixes, or updates are delivered to users quickly and reliably, without manual
intervention.

Sometimes people refer to Continuous Delivery (also CD), where code is automatically
prepared for deployment, but the release is still manually triggered. In contrast, Continuous
Deployment is fully automated.
12. What is Refactoring?

Answer:
Refactoring is improving the internal structure of code without changing its external behavior
to make it more maintainable and readable.

⚙️Advanced / Scenario-Based
13. How do you handle code conflicts in a team environment?

Answer:
Use version control (like Git), communicate early, pull changes frequently, and resolve
conflicts by discussing with team members and merging carefully.

14. What would you do if you receive unclear requirements?

Answer:
Engage stakeholders or product owners, ask clarifying questions, document assumptions, and
iteratively refine through feedback.

15. How do you ensure software quality?

Answer:
By writing clean code, following coding standards, using automated testing, code reviews,
and following a robust SDLC or Agile process.

✅ Basic & Core Concepts (Continued)

16. What is the difference between software and software product?

Answer:

 Software: Any set of instructions that performs a task on a computer.

 Software Product: Packaged software designed for sale or distribution to end-users
(e.g., MS Office, Adobe Photoshop).

17. What is a Use Case?

Answer:
A Use Case describes how a user interacts with a system to achieve a specific goal. It
includes actors, scenarios, and interactions.
18. What is a Software Requirement Specification (SRS)?
Answer:
An SRS is a formal document that describes all the functional and non-functional
requirements of a system.
💡 Design & Architecture (Continued)

19. What is the difference between Monolithic and Microservices Architecture?

Answer:

Monolithic architecture is a traditional software design where the entire application

is built as a single, unified unit. All components like UI, business logic, and data
access layers are tightly coupled and run as one service. This approach is simpler to
develop initially but can become difficult to scale, test, and maintain as the
application grows.

In contrast, Microservices architecture breaks the application into small, independent

services, where each service handles a specific business function and communicates with
others over APIs. This allows for better scalability, faster deployments, and easier
maintenance, since each service can be developed, deployed, and scaled independently.

20. What is Coupling and Cohesion?

Answer:

 Coupling: Degree of interdependence between modules (low coupling is preferred).

 Cohesion: Degree to which elements within a module belong together (high cohesion
is preferred).

21. What is an API and why is it important?

Answer:
An API (Application Programming Interface) allows different software components
to communicate. It's important for modularity, integration, and scalability.

🧪 Testing & QA (Continued)

22. What is the difference between Black Box and White Box Testing?
Answer:

 Black Box Testing: Tester doesn’t need to know the internal logic; focuses on inputs
and outputs.
 White Box Testing: Tester knows the internal structure and logic of the code.

23. What is Regression Testing?

Answer:
Testing to ensure that new code changes haven’t affected existing functionalities.
24. What is a Test Plan?
Answer:
A document that outlines the scope, approach, resources, and schedule of intended
testing activities.
🔐 Software Maintenance & DevOps (Continued)

25. What is Configuration Management?

Answer:
It involves systematically handling changes to software to maintain integrity and
traceability.
26. What are Containers and Docker?
Answer:

A container is a lightweight, portable, and self-contained environment that includes

everything needed to run an application—such as the code, runtime, libraries, and
dependencies. Containers ensure that software runs consistently across different
environments, whether it's a developer's laptop, a test server, or production.

Docker is one of the most popular containerization platforms. It provides tools to create,
manage, and run containers efficiently. With Docker, you can package your application
and its environment into a Docker image, and then run that image as a Docker container
anywhere.

Key Benefits of Containers and Docker:

 Portability: "Build once, run anywhere"

 Consistency: Same environment in development, testing, and production
 Isolation: Each container runs independently
 Efficiency: Uses less system resources compared to virtual machines

Example:
If you're building a web app, Docker can package your app, web server, and database into
separate containers. This setup runs the same way on any system that supports Docker.

What is Infrastructure as Code (IaC)?

Answer:
Infrastructure as Code (IaC) is a practice where infrastructure—like servers, networks,
databases, and other resources—is provisioned and managed using code, instead of
manually configuring it through a graphical interface.

With IaC, infrastructure setups are written in declarative or imperative scripts, often using
tools like Terraform, AWS CloudFormation, or Ansible. These scripts can be version-
controlled, tested, and reused, just like application code.
Key Benefits of IaC:

 Consistency: Eliminates manual errors by automating configuration.

 Version Control: Infrastructure changes can be tracked and rolled back using Git.
 Speed: Infrastructure can be deployed in minutes, not hours or days.
 Scalability: Easily replicate environments (e.g., dev, test, production).

Example:
Using Terraform, you can define your entire cloud infrastructure (servers, databases, load
balancers) in a .tf file and deploy it with a single command.

⚙️Advanced / Scenario-Based (Continued)

28. How do you ensure scalability in software design?

Answer:
By using load balancing, caching, horizontal scaling, database optimization, and
microservices.
29. How do you handle technical debt?
Answer:
By prioritizing refactoring tasks, scheduling regular code reviews, documenting
shortcuts, and addressing them incrementally.
30. How do you deal with performance bottlenecks?
Answer:
Profile the application, identify slow components (DB queries, loops, etc.), optimize
algorithms, cache results, or scale infrastructure.

✅ Basic & Core Concepts (Continued)

31. What is the difference between Compilation and Interpretation?

Answer:

 Compilation: Converts entire source code into machine code before execution (e.g.,
C, C++).
 Interpretation: Translates code line-by-line during execution (e.g., Python,
JavaScript).

32. What is a framework vs. a library?

Answer:

 Library: You call it when needed.

 Framework: It calls your code; provides structure and flow (Inversion of Control).

The main difference between a framework and a library is inversion of control.

  A library is a collection of reusable code that you call directly in your application to
perform specific tasks. You control the flow of the application and decide when and
where to use the library.
 A framework, on the other hand, defines the structure and flow of the application. It
often calls your code as part of its lifecycle. So in a framework, the control is
inverted—you write code that fits into the framework's structure.

Example:

 Using jQuery (a library), you call a function like $('#id').hide() whenever you
want.
 With Angular or Django (frameworks), the framework handles the flow, and you
plug your code into predefined components or routes.

33. What is Software Prototyping?

Answer:
Creating a quick, working model of part or all of the system to understand
requirements and get feedback early.

💡 Design & Architecture (Continued)

34. What is Middleware?

Answer:
Middleware is software that connects different applications or services (e.g., message
queues, authentication servers).
35. What is the difference between Horizontal and Vertical Scaling?
Answer:

 Horizontal Scaling: Adding more machines or nodes.

 Vertical Scaling: Increasing resources (CPU, RAM) on a single machine.

36. What is a Load Balancer?

Answer:
A system that distributes incoming network traffic across multiple servers to ensure
reliability and performance.

🧪 Testing & QA (Continued)

37. What are Mocks, Stubs, and Fakes?

Answer:
Used in unit testing to simulate components:
  Mock: Imitates behavior and verifies usage.
 Stub: Returns predefined responses.
 Fake: Has working implementation but is simplified.

38. What is Code Coverage?

Answer:
A measure of how much of your code is tested. High coverage doesn't guarantee
quality, but low coverage can indicate risks.
39. What is a Bug Lifecycle?
Answer:
Steps a bug goes through: New → Assigned → Open → Fixed → Retested →
Verified → Closed (or Reopened).

🔐 Security & DevOps (Continued)

40. What is OWASP Top 10?

Answer:
A list of the 10 most critical web application security risks (e.g., SQL Injection, XSS,
Broken Authentication).
41. What is a CI/CD Pipeline?
Answer:
A series of automated steps (build, test, deploy) that deliver code changes to
production reliably and quickly.
42. What is Blue-Green Deployment?
Answer:
A deployment strategy where two environments (Blue & Green) are used; traffic is
switched to the new version once it’s stable.

⚙️Advanced / Scenario-Based (Continued)

43. How do you choose between SQL and NoSQL databases?

Answer:

 SQL: Structured data, ACID compliance (e.g., MySQL, PostgreSQL).

 NoSQL: Unstructured/rapidly changing data, scalability (e.g., MongoDB, Cassandra).

44. What is a memory leak and how can it be prevented?

Answer:
A situation where memory is allocated but not released. Prevented via garbage
collection, careful object management, and profiling tools.
45. What would you do when your service is down in production?
Answer:

 Acknowledge the incident

 Check logs and monitoring
 Roll back recent changes if needed
  Communicate with stakeholders
 Conduct post-mortem analysis

📊 Software Metrics & Project Management

46. What are software quality attributes?

Answer:
Also called "ilities":

 Maintainability
 Scalability
 Reliability
 Usability
 Portability
 Availability

47. What is Technical Debt?

Answer:
The cost of choosing a quicker or easier solution now instead of a better long-term
one. Needs to be "paid back" through refactoring or redesign.
48. What are KPIs in software projects?
Answer:
Key indicators of success:

 Velocity (Agile)
 Bug rate
 Lead time
 Deployment frequency
 MTTR (Mean Time to Recovery)

49. What is the difference between Scrum and Kanban?

Answer:

 Scrum: Iteration-based (Sprints), roles defined, fixed planning.

 Kanban: Flow-based, continuous delivery, focus on work-in-progress (WIP) limits.

50. What is a Gantt Chart?

Answer:
A visual project planning tool showing activities against time. Helps in tracking
deadlines and dependencies.

☁️Cloud Computing & Modern Infrastructure

51. What is Cloud Computing?

Answer:
Delivering computing services (servers, storage, databases, networking, software)
over the internet (“the cloud”).
 52. What are the different cloud service models?
Answer:

 IaaS (Infrastructure as a Service): e.g., AWS EC2

 PaaS (Platform as a Service): e.g., Heroku, Google App Engine
 SaaS (Software as a Service): e.g., Gmail, Dropbox

53. What is Serverless Architecture?

Answer:
An architecture where you write and deploy code without managing servers (e.g.,
AWS Lambda, Azure Functions).
54. What is Auto-Scaling?
Answer:
Automatically adjusting compute resources based on demand (scale up/down).
55. What is a CDN?
Answer:
Content Delivery Network: A distributed network of servers that delivers content
(e.g., images, videos) to users with high availability and performance.

📐 System Design Concepts

56. What is a Cache and why is it used?

Answer:
A cache stores frequently accessed data in memory to reduce latency and load (e.g.,
Redis, Memcached).
57. What is a Message Queue?
Answer:
A mechanism for communication between services by sending messages (e.g.,
RabbitMQ, Kafka, AWS SQS) to decouple systems.
58. How do you design a system for high availability?
Answer:

 Redundancy
 Load balancing
 Failover systems
 Geographical distribution

59. How do you prevent data loss in a distributed system?

Answer:

 Backups
 Replication
 Consensus protocols (e.g., Paxos, Raft)
 Durable message queues

60. What is CAP Theorem?

Answer:
In distributed systems, you can only choose two of the three:
  Consistency
 Availability
 Partition Tolerance

🧠 AI/ML in Software Engineering

61. How is AI used in Software Engineering?

Answer:

 Code completion (e.g., GitHub Copilot)

 Bug prediction
 Test case generation
 Requirement analysis via NLP
 Automated refactoring

62. What is Machine Learning?

Answer:
A subfield of AI where systems learn from data without being explicitly programmed.
63. What are some ML libraries developers should know?
Answer:

 Python: TensorFlow, PyTorch, scikit-learn

 JavaScript: TensorFlow.js
 Java: Deeplearning4j

64. What is MLOps?

Answer:
Machine Learning Operations — applying DevOps principles to deploy, monitor, and
maintain ML models in production.
65. What is model drift?
Answer:
When an ML model’s performance degrades over time due to changes in data
patterns.

💼 Career & Soft Skills in Software Engineering

66. What makes a good software engineer beyond coding?

Answer:

 Communication
 Teamwork
 Problem-solving
 Empathy for users
 Willingness to learn continuously
 67. How do you approach learning a new technology?
Answer:

 Start with official docs/tutorials

 Build a small project
 Read source code/examples
 Join communities
 Iterate and apply

68. What’s the role of a Technical Lead?

Answer:
A tech lead oversees the technical direction of a project, mentors developers, makes
architectural decisions, and ensures code quality.
69. How do you estimate time for a software task?
Answer:

 Break the task down

 Use historical data
 Include buffer
 Collaborate with team
 Reassess regularly

70. What is burnout, and how can engineers avoid it?

Answer:
Burnout is emotional/physical exhaustion from prolonged stress. Avoid by:

 Taking breaks
 Managing workload
 Communicating early
 Practicing work-life balance

📊 Architecture Patterns & Scalability

71. What is the difference between REST and GraphQL?

Answer:

 REST: Standard HTTP verbs (GET, POST, etc.), multiple endpoints, rigid structure.
 GraphQL: Single endpoint, client specifies what data is needed — more flexible,
reduces over-fetching.

72. What is Event-Driven Architecture?

Answer:
A pattern where services communicate through events (publish/subscribe). It
improves decoupling and scalability.
73. What is a Service Mesh?
Answer:
An infrastructure layer for handling service-to-service communication in
microservices (e.g., Istio, Linkerd). It handles traffic routing, security, observability.
74. What is eventual consistency?
Answer:
 A consistency model in distributed systems where all updates will propagate
eventually, and all nodes will become consistent over time.
75. What are Idempotent APIs?
Answer:
APIs that produce the same result no matter how many times they are called (e.g.,
PUT /user/123).

🚀 Performance Optimization

76. How do you improve web application performance?

Answer:

 Minimize HTTP requests

 Use caching (browser, server, CDN)
 Optimize images
 Lazy loading
 Minify assets (JS, CSS)

77. How do you improve database performance?

Answer:

 Indexing
 Query optimization
 Connection pooling
 Database sharding
 Caching frequent queries

78. What is latency vs throughput?

Answer:

 Latency: Time taken for a single request.

 Throughput: Number of requests handled per unit time.

79. What tools help with performance monitoring?

Answer:

 Frontend: Lighthouse, Chrome DevTools

 Backend: New Relic, Prometheus, Grafana
 DB: pg_stat_statements (PostgreSQL), Slow Query Log (MySQL)

80. What is profiling?

Answer:
Profiling analyzes where your program spends time or uses resources — helps locate
bottlenecks.
✅ Q: What is the difference between a process and a thread?

Answer:

A process is an independent program in execution with its own memory space, resources,
and system state. A thread, on the other hand, is a lightweight unit of execution within a
process. Multiple threads within the same process share the same memory and resources.

Key Differences:

Aspect Process Thread

Memory Has its own memory Shares memory with other threads
Communication Slower (inter-process) Faster (shared memory)
Overhead High Low
Isolation Fully isolated Not isolated
One process crash doesn’t affect One thread crash may affect the whole
Failure Impact
others process

Example:
A web browser is a process. Each open tab may run as a separate thread within that process
to handle page rendering or scripts.

Q: 2. What is the difference between stack and heap memory?

Answer:

Stack memory is used for static memory allocation, such as function calls and local
variables. It is organized in a LIFO (Last-In-First-Out) manner and is automatically
managed by the compiler.

Heap memory, on the other hand, is used for dynamic memory allocation. It stores objects
and data that need to live beyond the scope of a function. Memory here must be manually
managed (or by a garbage collector, depending on the language).

Key Differences:

Aspect Stack Heap

Allocation Static (at compile time) Dynamic (at runtime)
Management Automatically by compiler Manually or via garbage collection
Speed Faster Slower
Size Usually smaller Usually larger
 Aspect Stack Heap
Lifespan Temporary (function scope) Until explicitly freed or GC'd

🔹 Java:

 Stack: Used for method calls, local variables, and reference variables. Each thread
has its own stack.
 Heap: All objects (like instances of classes) are created on the heap, which is shared
among all threads and managed by the JVM’s garbage collector.

Example:

java
CopyEdit
int x = 5; // 'x' is a local variable → stored in stack
String s = new String("Hi"); // 's' (reference) is in stack, object is in
heap

🔹 Python:

 Python doesn’t expose stack vs. heap directly, but conceptually:

o Function calls and control flow use the call stack.
o All objects (including integers, lists, functions, etc.) are stored on the heap.
o Local variable names point to objects and are stored in stack frames during
function execution.

Example:

python
CopyEdit
x = 10 # 'x' is a name in the stack frame; 10 is an object in heap
lst = [1, 2, 3] # 'lst' is in the stack frame; list object is in the heap

Q: 4. What are SOLID principles?

Answer:

SOLID is an acronym for five core design principles in object-oriented programming that
help make software more maintainable, flexible, and scalable. These principles were
introduced by Robert C. Martin (Uncle Bob).

🔹 S — Single Responsibility Principle (SRP)

A class should have only one reason to change.

Each class should focus on a single functionality.

✅ Example: A class that handles file saving should not also handle data formatting.
🔹 O — Open/Closed Principle (OCP)

Software entities should be open for extension, but closed for modification.
You should be able to add new behavior without changing existing code.

✅ Example: Use interfaces or abstract classes to allow new implementations.

🔹 L — Liskov Substitution Principle (LSP)

Subtypes must be substitutable for their base types.

Objects of a superclass should be replaceable with objects of its subclasses without
breaking the program.

✅ Example: If class Bird has a fly() method, then a Penguin class should not extend it if it
can't fly.

🔹 I — Interface Segregation Principle (ISP)

Clients should not be forced to depend on interfaces they do not use.

It's better to have many small, specific interfaces rather than one large one.

✅ Example: Separate interfaces like Printable, Scannable instead of one big Machine
interface.

🔹 D — Dependency Inversion Principle (DIP)

High-level modules should not depend on low-level modules; both should depend on
abstractions.
Depend on interfaces or abstract classes, not concrete implementations.

✅ Example: Use dependency injection to provide required services.

Q: 5. What is a design pattern? Name a few common ones.

Answer:

A design pattern is a reusable solution to a common problem that occurs repeatedly in

software design. It's not actual code, but a general template for solving a particular kind of
problem in a particular context.
Design patterns help developers write cleaner, more maintainable, and scalable code by
following proven approaches.

🔹 Types of Design Patterns:

1. Creational Patterns – Deal with object creation

o 🔸 Singleton: Ensures only one instance of a class exists.
o 🔸 Factory Method: Creates objects without exposing the creation logic.
o 🔸 Builder: Constructs complex objects step-by-step.
2. Structural Patterns – Deal with class and object composition
o 🔸 Adapter: Converts one interface into another.
o 🔸 Decorator: Adds behavior to objects dynamically.
o 🔸 Facade: Provides a simplified interface to a complex system.
3. Behavioral Patterns – Deal with communication between objects
o 🔸 Observer: One-to-many dependency, e.g., event listeners.
o 🔸 Strategy: Enables selecting an algorithm at runtime.
o 🔸 Command: Encapsulates a request as an object.

✅ Example (Java – Singleton):

java
CopyEdit
public class Singleton {
private static Singleton instance;

private Singleton() {}

public static Singleton getInstance() {

if (instance == null) {
instance = new Singleton();
}
return instance;
}
}

✅ Example (Python – Strategy):

python
CopyEdit
class PaymentStrategy:
def pay(self, amount):
pass

class CreditCardPayment(PaymentStrategy):
def pay(self, amount):
print(f"Paid {amount} using credit card.")

class PayPalPayment(PaymentStrategy):
def pay(self, amount):
print(f"Paid {amount} using PayPal.")
# Usage
payment = PayPalPayment()
payment.pay(100)

Q: 6. What is the difference between synchronous and asynchronous

programming?

Answer:

The main difference lies in how tasks are executed and how the program handles waiting
for results.

🔹 Synchronous Programming:

In synchronous programming, tasks are executed one after the other, and each task must
complete before the next one starts.
If a task takes time (like a file read or API call), the program waits (blocks) until it's done.

✅ Think of it like waiting in line at a bank: the next person is served only after the previous
one is done.

🔹 Asynchronous Programming:

In asynchronous programming, tasks can be started and then paused, allowing other tasks
to run while waiting.
It’s non-blocking — the program doesn’t wait; it moves on and handles the result later (via
callbacks, promises, or async/await).

✅ Think of it like ordering food and waiting at a table: the kitchen keeps preparing other
meals while your food is cooking.

✅ Examples:

Java (Synchronous):

java
CopyEdit
String data = fetchData(); // blocks until fetchData() is done
System.out.println(data);

JavaScript (Asynchronous):

javascript
CopyEdit
fetch('https://api.example.com/data')
.then(response => response.json())
.then(data => console.log(data));

Python (Asynchronous):

python
CopyEdit
import asyncio

async def main():

await fetch_data() # non-blocking
print("Done")

asyncio.run(main())

✅ Summary:

Feature Synchronous Asynchronous

Execution Step by step Tasks may run independently
Blocking Yes No
Use case Simple flows I/O-heavy operations, concurrency
Performance impact Slower for I/O More efficient resource usage

Q: 7. What are RESTful APIs and how do they work?

Answer:

A RESTful API (Representational State Transfer) is a type of web service that allows
communication between systems over HTTP, following specific architectural principles.
REST is stateless, resource-based, and uses standard HTTP methods like GET, POST,
PUT, DELETE to perform operations on resources.

🔹 How RESTful APIs Work:

 Resources are identified by URLs (e.g., /users/123)

 Clients send HTTP requests to these URLs
 The server returns data, usually in JSON or XML format
 Each request is independent and does not rely on any previous request
🔹 Common HTTP Methods in REST:

Method Purpose Example

GET Retrieve data GET /products
POST Create a new resource POST /users
PUT Update/replace a resource PUT /users/123
PATCH Partially update a resource PATCH /users/123
DELETE Delete a resource DELETE /users/123

🔹 REST Principles:

1. Stateless – Each request is self-contained.

2. Client-Server Separation – UI and data logic are separated.
3. Uniform Interface – Standard methods and conventions.
4. Cacheable – Responses can be cached to improve performance.
5. Layered System – Can have intermediaries (e.g., proxies, load balancers).

✅ Example (JSON Response from REST API):

json
CopyEdit
GET /users/1

{
"id": 1,
"name": "Alice",
"email": "[email protected]"
}

✅ Why REST is Popular:

 Simple and uses standard HTTP

 Language-agnostic
 Widely supported across web and mobile platforms

Q: 8. What is the difference between PUT and PATCH in HTTP?

Answer:

Both PUT and PATCH are HTTP methods used to update resources, but they differ in how
they update the resource.

🔹 PUT: Full Update

  Replaces the entire resource with the new data.
 If any field is missing in the request, it may be overwritten or removed.
 Idempotent: calling it multiple times has the same effect.

✅ Think of it as replacing the whole object.

Example:

http
CopyEdit
PUT /users/123
{
"name": "Alice",
"email": "[email protected]"
}

If the original user had an "age" field and it's missing here, it may be deleted.

🔹 PATCH: Partial Update

 Updates only the specified fields of the resource.

 The rest of the resource remains unchanged.
 Also idempotent, but designed for partial modifications.

✅ Think of it as editing only what's changed.

Example:

http
CopyEdit
PATCH /users/123
{
"email": "[email protected]"
}

Only the email field is updated; other fields like name and age stay the same.

✅ Summary:

Feature PUT PATCH

Update Type Full replacement Partial update
Missing Fields May be removed Ignored
Use Case Replace entire resource Update one or a few fields
Idempotent Yes Yes (ideally)
Q: 9. What is middleware in web development?

Answer:

Middleware is software that sits between the client request and the server response. In
web development, it refers to functions or components that process requests before they
reach the final route handler or after the response is generated.

Middleware is commonly used in web frameworks like Express.js, Django, or Spring

Boot.

🔹 Common Uses of Middleware:

 Authentication & Authorization

 Logging & Monitoring
 Input Validation
 Error Handling
 Parsing request bodies (e.g., JSON, form data)
 CORS handling

✅ Example: Express.js (JavaScript)

javascript
CopyEdit
app.use((req, res, next) => {
console.log(`${req.method} ${req.url}`);
next(); // Pass control to the next middleware or route
});

✅ Example: Django (Python)

python
CopyEdit
class SimpleMiddleware:
def __init__(self, get_response):
self.get_response = get_response

def __call__(self, request):

# Do something before view is called
response = self.get_response(request)
# Do something with the response
return response

✅ Summary:

Feature Description
Position Between client and final handler
 Feature Description
Function Pre-process or post-process requests/responses
Reusability Easy to reuse across multiple routes or apps
Examples Auth checks, logging, CORS, error handlers

Q: 10. What is event-driven architecture?

Answer:

Event-Driven Architecture (EDA) is a software design pattern where the flow of the
program is determined by events — such as user actions, sensor outputs, or messages from
other services.

In this architecture, components communicate through events, often in asynchronous

ways. When something happens (an event), it triggers a reaction in the system.

🔹 Key Components:

1. Event Producer – Generates events.

E.g., A user uploads a file or a payment is made.

2. Event Consumer – Listens for and reacts to events.

E.g., Resize image after upload, send confirmation email.

3. Event Channel (Broker) – Transfers events between producers and consumers.

E.g., Kafka, RabbitMQ, AWS EventBridge.

🔹 Advantages:

 Loose coupling between components

 Highly scalable and resilient
 Real-time response to actions
 Easier to extend and integrate with new features

✅ Example Use Case:

In an e-commerce system:
 1. Order is placed → event generated
2. Inventory service receives event → updates stock
3. Email service receives same event → sends confirmation
4. Analytics service logs the event

All services work independently, reacting to the same event.

Q: 11. What is the difference between authentication and authorization?

Answer:

Authentication and authorization are both critical for application security, but they serve
different purposes.

🔹 Authentication – "Who are you?"

 The process of verifying the identity of a user or system.

 Typically involves username/password, biometrics, tokens, etc.
 Happens before authorization.

✅ Example: Logging into an application with your email and password.

🔹 Authorization – "What are you allowed to do?"

 Determines whether a verified user has permission to access a resource or perform

an action.
 Happens after authentication.
 Based on roles, permissions, or access policies.

✅ Example: A logged-in user can view their profile but cannot access the admin panel
unless authorized.