Technologies

Question 1

What is the software development life cycle?

Answer 1

The Software Development Life Cycle (SDLC) is a process used by software development teams to define, design, develop, and test software applications.

Question 2

Roles in a project (Product Owner, Project Manager, Business Analyst, Software Developer, Tester, DevOps, etc.)

Answer 2

Various roles on a project include Product Owner, Project Manager, Business Analyst, Software Developer, Tester, DevOps, etc.

The Product Owner is responsible for defining and prioritizing the features of the product or service being developed. They act as the liaison between the development team and stakeholders, ensuring that the product meets the needs of the users and aligns with the overall business objectives.

The Scrum Master is a facilitator and servant leader who guides and empowers the Scrum Team in practicing Scrum principles and values. They facilitate Scrum events, coach team members on Scrum practices, and remove impediments to the team’s progress. The Scrum Master fosters a collaborative and self-organizing team environment, ensuring that the team adheres to Scrum practices and continuously improves their processes to deliver high-quality products efficiently.

The Project Manager oversees the planning, execution, and delivery of a project within the constraints of time, budget, and scope. They are responsible for coordinating tasks, managing resources, mitigating risks, and ensuring that the project is completed successfully and on schedule.

The Business Analyst bridges the gap between business stakeholders and the development team by analyzing business processes, identifying requirements, and proposing solutions to improve efficiency and achieve business goals. They gather and document user needs, define project scope, and facilitate communication between stakeholders and the development team.

A Software Developer designs, develops, tests, and maintains software applications or systems. They translate technical requirements into code, implement functionality according to specifications, and collaborate with other team members to deliver high-quality software solutions that meet user needs.

Testers are responsible for evaluating the quality and functionality of software applications through various testing methods, such as manual testing, automated testing, and regression testing. They identify defects, verify fixes, and ensure that the software meets the specified requirements and standards before it is released to production.

DevOps: DevOps (Development and Operations) professionals focus on streamlining the software development lifecycle by integrating development and IT operations practices. They automate processes, manage infrastructure, and implement continuous integration and delivery pipelines to accelerate software delivery, improve efficiency, and enhance collaboration between development and operations teams.

Question 3

Principles of OOP (Encapsulation, Inheritance, Polymorphism - definition, examples of inheritance)

Answer 3

Object-Oriented Programming (OOP) principles include Encapsulation, Inheritance, and Polymorphism, which enable code organization and reusability.

The object is, conceptually, a self-contained unit that consists of data attributes and methods that operate on the data attributes.

A class is code that specifies the data attributes and methods of a particular type of object. Think of a class as a “blueprint” that objects may be created from. It serves a similar purpose as the blueprint for a house.

Encapsulation is the bundling of data (attributes) and methods (functions) that operate on the data into a single unit called a class. It restricts direct access to some of the object’s components, which helps to prevent unintended interference and misuse.

Example: Consider a class representing a car. Encapsulation allows us to hide the internal details of the car (such as its engine, transmission, and fuel system) and only expose a limited set of methods (e.g., start(), stop(), accelerate()) that users can interact with. This way, the internal state of the car is protected, and users can only interact with it through a well-defined interface.

Inheritance is a mechanism in which a new class (called a subclass or derived class) is created from an existing class (called a superclass or base class), inheriting its properties and behaviors. It allows for code reuse and the creation of a hierarchy of classes.

Example: Suppose we have a superclass called Animal, which has attributes like species and methods like eat() and sleep(). We can create subclasses like Dog and Cat that inherit from the Animal class. These subclasses will inherit the attributes and methods of the Animal class and can also have their own unique attributes and methods. For example, the Dog class may have additional methods like bark() and playFetch().

For example, a grasshopper is an insect. Here are a few other examples of the “is a” relationship: A poodle is a dog. A car is a vehicle. * A flower is a plant. * A rectangle is a shape. A football player is an athlete. When an “is a” relationship exists between objects, it means that the specialized object has all of the characteristics of the general object, plus additional characteristics that make it special. In object-oriented programming, inheritance is used to create an “is a” relationship among classes. This allows you to extend the capabilities of a class by creating another class that is a specialized version of it. Inheritance involves a superclass and a subclass. The superclass is the general class and the subclass is the specialized class. You can think of the subclass as an extended version of the superclass. The subclass inherits attributes and methods from the superclass without any of them having to be rewritten. Furthermore, new attributes and methods may be added to the subclass, and that is what makes it a specialized version of the superclass.

Polymorphism allows subclasses to have methods with the same names as methods in their superclasses. it gives the ability for a program to call the correct method depending on the type of object that is used to call it.

When a subclass method has the same name as a superclass method, it is often said that the subclass method overrides the superclass method. 2. The ability to call the correct version of an overridden method, depending on the type of object that is used to call it. If a subclass object is used to call an overridden method, then the subclass’s version of the method is the one that will execute.

Example: animal - make sound
dog - bark
car -mew

Question 4

What is an operating system? What types of OS do you know?

Answer 4

An operating system (OS) is a software program that serves as an intermediary between computer hardware and software applications. It provides a platform for executing programs and managing computer resources, including memory, processors, input/output devices, and storage.

Examples of popular operating systems include Microsoft Windows, macOS (formerly OS X), Linux, Unix, and various distributions of Unix-like systems such as Ubuntu, CentOS, and Debian.
Overall, an operating system plays a critical role in managing the hardware and software components of a computer system, facilitating efficient and secure operation for users and applications.

Аппаратное обеспечение:
- материнская плата

The motherboard is the main circuit board that connects and integrates all the components of a computer.

• процессор (центральный процессор фактически исполняет программы)

The processor, or CPU, is the central processing unit responsible for executing programs and performing calculations.

• оперативная память

RAM is temporary memory that the processor uses to store data and program instructions while it is actively processing them.

• встроенная память

Built-in memory refers to non-volatile storage directly integrated into the motherboard or other components, such as ROM or firmware.

• видеокарта
• звуковая карта

Graphics cards handle the rendering of images and video on a computer, while sound cards process audio signals for output through speakers or headphones.

• сетевая плата

Network interface cards enable communication between a computer and a network, such as Ethernet or Wi-Fi.

• система охлаждения

The cooling system includes fans, heat sinks, and other mechanisms designed to dissipate heat generated by the components to prevent overheating and maintain optimal performance.

Вторичные устройста:
- жесткий диск
- флеш накопитель

Secondary devices include storage devices like hard disk drives (HDDs) for long-term data storage and flash drives (USB drives) for portable data transfer.

Операционная система - мозг, если хотим специфические знания и умения - устанавливаем на нее программу - прикладное ПО

The operating system is the software that manages hardware resources and provides a platform for running other software applications. It acts as the intermediary between the hardware and the user, facilitating interactions and managing system resources.

Обслуживающая программа (утилита)

Utility software, or utilities, are specialized programs designed to perform specific tasks related to system maintenance, management, and optimization. These include antivirus software, disk cleanup tools, backup utilities, and system diagnostic programs.

Question 5

What is a web application?

Answer 5

A Web Application is a software application that runs on a web server and is accessed through a web browser over a network.

Question 6

What is adaptive design?

Answer 6

Adaptive design is a user interface that’s adapted to different screen sizes. It consists of multiple fixed layouts where the size most closely associated with the user’s device is rendered—whether that’s a phone, tablet, computer, or something in between.

Question 7

What is native development? What is cross-platform development? What is the difference?

Answer 7

Native Development involves building applications for specific platforms (e.g., iOS, Android) using platform-specific languages and tools. Cross-Platform Development involves building applications that can run on multiple platforms using a single codebase. The difference lies in the approach and technology stack used.

Question 7

What is a mobile application?

Answer 7

A Mobile Application is a software application designed to run on mobile devices such as smartphones and tablets.

Question 7

What is frontend? What is backend? Examples of languages*

Answer 7

Frontend refers to the part of a software application or website that users interact with directly. It includes elements such as user interface, design, and functionality that are visible and accessible to users.

Backend refers to the part of a software application or website that is responsible for managing data, processing requests, and performing computations. It includes server-side logic and infrastructure that operate behind the scenes to support frontend functionality.

Examples of frontend languages include HTML, CSS, and JavaScript, which are commonly used to create and design user interfaces.

Examples of backend languages include Python, Java, and PHP, which are used to develop server-side logic and handle data processing.

Question 7

What is software architecture? What types do you know?

Answer 7

Software architecture refers to the structure and design of a software system, including its components, relationships, and principles guiding its development.
It encompasses decisions about system organization, communication protocols, and design patterns to ensure scalability, maintainability, and performance.

There are several types of software architecture, including:

Monolithic Architecture: A single-tiered architecture where all components of the software are combined into a single program or module.

Client-Server Architecture: A distributed architecture where tasks are divided between clients requesting services and servers providing those services.

Microservices Architecture: A distributed architecture where a system is composed of small, independent services that communicate through APIs.

Question 8

What is client-server architecture?

Answer 8

Client-Server Architecture: A distributed architecture where tasks are divided between clients requesting services and servers providing those services.

Question 8

What is hosting?

Answer 8

Hosting is the process by which you make a website accessible to other users on the Internet.

The process by which
a website is put on a server and made available on the Internet is called hosting.
Hosts are computers that are connected to the Internet nonstop so that
the website files you put on them are always accessible.

Imagine if you put your files on a server that someone turned off every night. When trying to access your website, your nighttime visitors and customers would receive
error messages. That means lost business and fewer Facebook likes—so an
always-on high-speed Internet connection for the hosting server is a must.
The only other thing these computers need is special web hosting software
that I don’t get into here. In a nutshell, that is pretty much what you need to
host a website properly.

Hosting providers quickly became popular. They allowed website developers
to focus on the product and minimize worries about its distribution. Hosting
providers typically offer a control panel for website developers to manage the
site and allow files to be moved to these remote servers using File Transfer
Protocol (FTP). FTP allows programs to exchange resources between computers connected to the Internet. If you host MyAppoly on a computer (server)
that lives elsewhere, as is likely the case, FTP allows you to establish a connection and interact with the remote computer to move your website files
onto it, even if it’s located in a different state or country. This interaction is
typically limited to moving files around (file management), but you don’t need
much more than that.

Hosting refers to the process of storing and serving website or application files on a server that is connected to the internet. It allows individuals and organizations to make their websites or applications accessible to users worldwide. Hosting providers offer various services and plans to accommodate different needs, including shared hosting, virtual private servers (VPS), dedicated hosting, and cloud hosting.

Question 8

What is microservices architecture? What is monolithic architecture? What is the difference?

Answer 8

Microservices Architecture: A distributed architecture where a system is composed of small, independent services that communicate through APIs.

Question 9

SaaS, PaaS, and IaaS - what are they and what is the difference?*

Answer 9

Cloud computing is the delivery of on-demand computing resources over the internet on a pay-as-you-go basis; resources are dynamically assigned and reassigned among multiple users and scale up and down in response to users’ needs.

Cloud Service Models:
SaaS (Software as a Service): SaaS is a software distribution model where applications are hosted by a third-party provider and made available to customers over the internet. Users access the software through a web browser without needing to install or maintain any infrastructure or software. Examples include Google Workspace, Microsoft Office 365, and Salesforce.

Alternative to deploying applications on the desktop

PaaS (Platform as a Service): PaaS provides a platform allowing customers to develop, run, and manage applications without dealing with the complexities of infrastructure management. It typically includes tools for application development, deployment, and scalability. Examples include Google App Engine, Microsoft Azure App Service, and Heroku.

Alternative developing your own application infrastructure (Salesforce)

IaaS (Infrastructure as a Service): IaaS provides virtualized computing resources over the internet. It offers virtualized hardware resources such as virtual machines, storage, and networking, allowing customers to deploy and manage their own virtualized infrastructure. Examples include Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).

Alternative to running your own servers

Question 10

What is an interface? Real-life examples

Answer 10

An interface is a point of interaction between different components or systems. In real life, examples of interfaces include the dashboard of a car, where the driver interacts with various controls and displays to operate the vehicle, and the user interface of a smartphone app, where users interact with buttons, menus, and screens to perform tasks.

Question 11

What is a library? What is a framework? What is the difference? Examples

Answer 11

A library is a collection of reusable code modules or functions that can be called by an application to perform specific tasks. Examples include jQuery for JavaScript and Pandas for Python, which provide pre-written functions for tasks like DOM manipulation and data analysis.

A framework, on the other hand, is a pre-built structure or architecture that provides a foundation for developing applications. It typically includes predefined classes, functions, and workflows to guide the development process. Examples include React.js for building user interfaces and Django for web development in Python.

A framework differs from a library in that a library is a set of reusable components, whereas a framework is a starter solution that includes an architecture.

Frameworks and libraries are both code written by someone else that helps you perform some common tasks in a less verbose way.

A framework inverts the control of the program. It tells the developer what they need. A library doesn’t. The programmer calls the library where and when they need it.

Question 12

What is integration?

Answer 12

Integration refers to the process of combining or linking different systems, components, or software applications to work together seamlessly. This can involve exchanging data, sharing resources, or coordinating activities between systems.

Question 13

What is a protocol? What protocols do you know? (http, https, ssh, ftp)

Answer 13

What is a protocol?

A standard set of rules for communicating

Protocol hierarchy/ protocol stack, TCP/IP:
- layers of protocol
- transmission between application rules and standards

In 1990, Tim Berners-Lee and others at the European Organization
for Nuclear Research (CERN) developed the precursors of HyperText
Markup Language (HTML) and HyperText Transfer Protocol (HTTP), which
jointly enable the exchange of information online. After 1991, the first
graphical browsers—programs that allow you to view web pages on the
Internet—were released. This created an attractive and efficient way to
share and consume information on the web.

HTTP, HTTPs for web browsers
ftp - for transferring files
TCP/IP is a dominant protocol stack today

A protocol is a set of rules and standards that govern communication between devices or systems. It defines the format, sequencing, error control, and data exchange methods used during communication. Protocols ensure that information is transmitted efficiently and reliably across networks or between software components.

HTTP (Hypertext Transfer Protocol): HTTP is a protocol used for transferring hypertext documents on the World Wide Web. It defines how messages are formatted and transmitted between web servers and clients, enabling the retrieval and display of web pages in browsers.

HTTPS (Hypertext Transfer Protocol Secure): HTTPS is a secure version of HTTP that adds encryption and authentication mechanisms to protect the integrity and privacy of data transmitted between a web server and a client. It uses SSL/TLS encryption to establish a secure connection.

SSH (Secure Shell): SSH is a network protocol that provides secure access to remote systems or devices over an unsecured network. It enables secure command-line, file transfer, and tunneling capabilities, allowing users to remotely manage and interact with systems securely.

FTP (File Transfer Protocol): FTP is a standard network protocol used for transferring files between a client and a server on a computer network. It provides a simple and reliable method for uploading, downloading, and managing files on remote servers.

HTTP and Using the Internet
How data travel physically is pretty straightforward—but how do you tell
someone to send the data in the first place? What is actually happening behind
the scenes when somebody—let’s say you—visits your brainchild, MyAppoly?
MyAppoly In case you skipped the preface, you should be aware that this book is structured
as a loose narrative starring you as the main character. The premise is that you are building a web
application called MyAppoly. The name is just a catch-all; any resemblance to any real application
is purely coincidental. I encourage you to imagine MyAppoly in any context that catches your fancy.
If you are a killer app entrepreneur or angel investor, MyAppoly will be your ticket to a $1 billion
exit strategy. If you are a nonprofit executive, MyAppoly will help you raise funds and connect your
volunteers. If you work at a Fortune 500 firm, MyAppoly will help your company stay competitive and
ahead of the curve of evolving consumer expectations.
You open your web browser and want to access a picture on the MyAppoly
website. The physical web pages you visit are documents coded in HTML,
most likely, and they are stored somewhere on a computer called the server—
probably one owned or rented by your company. The server hosts the website online (Chapter 2). All of the files of your application live on the server. If
your site has pictures or videos, they are stored on the server and every such
file is referred to as a resource.
You proceed to type your web address—the uniform resource locator (URL),
www.MyAppoly.com—into the browser. Technically, you could have typed the
specific IP address of the MyAppoly server because that is where the page lives,
but who has the capacity to remember the IP address linked to every website?
Do you remember the mailing address of every one of your friends? Unless
you are a savant, probably not. Instead, you probably look up their addresses in
an address book by searching their names. Similarly, the Domain Name System
(DNS) maps domain names such as MyAppoly.com to their IP addresses.
You reach MyAppoly.com and click on a link to view the picture gallery on the
website. (lgnore for the moment how you view the homepage; we’ll get to that
in a moment.) Remember, all of these pictures also live on the server. Let’s say
that they are all in a folder called “Pictures.” You might notice the URL change to
MyAppoly.com/Pictures. If you click on the first picture, maybe you are taken
How to Speak Tech 5
to http://www.MyAppoly.com/Pictures/pic1.jpg. If you break the URL
down into its component parts, we can see that the domain name indicates the
proper server, and all of the stuff after the .com tells you where on the server
the files are located (in tech-speak: the hierarchical location of the file). In other
words, the URL is the text address of a resource. For a letter, the ZIP code gets
you into the right town and neighborhood, but you need the street and number
to find a particular house. The same is true of URLs.
Revealing exactly where on the server your files are located can be imprudent from a security perspective. Do you give out your house address to
strangers? Probably not. Similarly, you probably don’t want the URL to expose
exactly where all the resources reside on the server because that might allow
a hacker to exploit it in some way. Therefore, it is possible to have a URL
show a fake folder—called, say, “Images”—rather than its actual location in
“Pictures” (see Chapter 12).
How exactly do you receive the web pages you want to view on MyAppoly’s
site, such http://www.MyAppoly.com/Pictures/pic1.jpg? First, your
browser accesses the DNS to obtain the IP address corresponding MyAppoly
so it knows where your server is. Your browser does not physically travel to
the MyAppoly server to fetch the picture, so it must send some sort of message over the Internet telling the server to send the file. An HTTP request
does just that. HTTP is a set of rules for exchanging resources (text, images,
audio, and so on) on the Internet.
Your request can be of two types: GET and POST. The GET method tells
the server that you want to get files from the server. On receiving a GET
request, the server retrieves the appropriate files and sends them back to
your browser. The other request type is POST, which the browser uses if you
are sending data to the server (for example, data to be stored in a database or
a query word to search). Technically, both methods can serve either function,
but they are slightly different in how data are actually sent over the Internet.
With the GET method, the information you send to the server is added to
the URL. If you are searching for the phrase “mediterranean” on MyAppoly,
for example, the GET request might make the URL look like www.MyAppoly.
com/search?q= mediterranean. If the search term is sent via POST, the
term would be within the HTTP message and not visible in the URL. On the
surface, it seems your data are hidden, which is good, but the data can still be
accessed in other ways, so we cannot assume it is completely secure. These
are the two major types of requests your browser can make to the server;
just 10 minutes on Facebook probably consists of hundreds of these requests.
Because a user (known as a client) is accessing a server, the Internet is said to
follow a client/server architecture.
So your browser has issued a request, which finds the MyAppoly server and
tells it to GET the page containing the pic1 file (a web page). The server fetches
the resource, and sends it back using TCP/IP. When the data are returned to
6 Chapter 1 | The Internet
the browser, it contains some key parts so the browser can rebuild the document for viewing. It consists of the HTTP header, which provides useful information about the data as well as the content itself. The browser can use this to
display, or render, the resource. The process is not necessarily finished, however,
because the browser may need to issue more requests. This is because the
server can only send one resource at a time back to the browser, and several
requests are needed to construct a web page. If you want to view the page that
has the pic1 picture on it, you are asking for two resources: the HTML page and
the pic1 image located on the page. Therefore, the browser needs at least two
requests. If the page has an image on it, as in this example, or requires formatting that is defined in another file on the server (Chapter 4), additional HTTP
requests are needed to retrieve those resources from the server. Everything
you see—from the web page and its style to the pictures and their captions—
was fetched using these HTTP requests.
This process might seem inefficient. When you “refresh” a web page containing several pictures, your browser has to do a lot of work: “I need the page.
Oh, I also need the first photo. And the second one. And the third one. By
the way, could I also have the sheet that tells me how to style everything? Oh,
I need the audio file, too, if your page plays the music in the background.” This
might take a long time and the page may not have changed since your last visit.
Browsers are smart and can cache, or save, recently viewed web pages. In this
way, they avoid superfluous interaction with the server. Caching assumes that
none of the resources that make up a page has changed, but a simple HTTP
request can confirm that fact. Only when the web page changes does the
browser need to fire off its barrage of requests.
In accessing websites, users often activate cookies. Cookies are essentially
things that websites can store on your computer that describe data you may
have given the website. Let’s say you visit MyAppoly, fill out a few forms, and
view a few products. MyAppoly can store which products you viewed in a
cookie. When you return, the site can access your cookie and customize
the experience based on the information enclosed. On one hand, cookies
are desirable because they help make websites relevant; on the other hand,
they raise some privacy concerns. Do you want a website collecting information about you without your explicit consent? (More on cookies follows in
Chapters 10 and 12.)
Conclusion
With your knowledge of some of the basic elements, operations, and tools
of the Internet, you are probably eager to move on to the challenge of creating the next big thing—MyAppoly! But first stop to consider what exactly is
involved in website hosting, which is the precondition for your application
being on the Internet.

Question 14

What is an API? Types of APIs*

Answer 14

An API (Application Programming Interface) is a set of rules, protocols, and tools that allows different software applications to communicate with each other. It defines how software components should interact, what data can be accessed or manipulated, and the operations that can be performed. APIs enable developers to integrate functionality from one application into another, facilitate interoperability between systems, and streamline software development.

Web APIs: Web APIs are APIs that are accessible over the internet using standard web protocols such as HTTP or HTTPS. They provide access to web-based services, data, or functionality, allowing developers to interact with remote servers or services.

Library APIs: Library APIs are APIs provided by programming libraries or frameworks that developers can use to access the functionality and features offered by the library. They define the methods, classes, and data structures available for use within the library.

Operating System APIs: Operating System APIs are APIs provided by operating systems that enable developers to interact with system resources and perform tasks such as file management, process control, memory allocation, and device input/output.

Private APIs: Private APIs, also known as internal APIs, are used to connect different software components within a single organization, and they are not available for third-party use. For instance, a social media application might have a private API that handles the login workflow, another private API that handles the feed, and yet another private API that facilitates communication between users. Some applications may include dozens or even hundreds of private APIs.

Public APIs: Public APIs provide public access to an organization’s data, functionality, or services, which third-party developers can integrate into their own applications. Some public APIs are available for free, while others are offered as billable products. For instance, an e-commerce application may incorporate a public payment API, such as Stripe, to handle payment processing without having to build that functionality from scratch.

Partner APIs: Partner APIs enable two or more companies to share data or functionality in order to collaborate on a project. They are not available to the general public and therefore leverage authentication mechanisms to ensure they are only used by authorized partners.

You can also categorize APIs according to their architectural style, of which there are many. The most frequently used architectural styles are:

REST: As discussed above, REST is the most popular API architecture for transferring data over the internet. In a RESTful context, resources are accessible via endpoints, and operations are performed on those resources with standard HTTP methods such as GET, POST, PUT, and DELETE.

SOAP: SOAP, which stands for Simple Object Access Protocol, uses XML to transfer highly structured messages between a client and server. SOAP is often used in enterprise environments or legacy systems, and while it includes advanced security features, it can be slower than other API architectures.

GraphQL: GraphQL is an open source query language that enables clients to interact with a single API endpoint to retrieve the exact data they need, without chaining multiple requests together. This approach reduces the number of round trips between the client and server, which can be useful for applications that may run on slow or unreliable network connections.

Webhooks: Webhooks are used to implement event-driven architectures, in which requests are automatically sent in response to event-based triggers. For instance, when a specific event occurs in an application, such as a payment being made, the application can send an HTTP request to a pre-configured webhook URL with the relevant event data in the request payload. The system that receives the webhook can then process the event and take the appropriate action.

gRPC: RPC stands for Remote Procedure Call, and gRPC APIs were originated by Google. In gRPC architectures, a client can call on a server as if it were a local object, which makes it easier for distributed applications and systems to communicate with one another.

The technicals underlying APIs can get complicated, but the basics are
simple. First, it is important to emphasize that APIs are software-to-software
interfaces. Applications talk to each other without your involvement. If
MyAppoly needs to show the weather, for example, the software can communicate (“make calls”) with a weather API in the background to obtain the
most updated weather report before showing it to the user, as detailed in
the following example.
One way you could retrieve the weather would be through the weather
website (direct access). Alternatively, you could go through a middleman—an
API—that stands in between you and the weather website. Now instead of
accessing the weather directly through a browser, the API tells you that you
have to submit whatever you want via code. But how do you know what to
write? The API provides documentation that tells you what the valid requests
are and how exactly to write them. (The API is picky and only processes your
code if you write it in the precise way it understands). So, after reading the
API’s instructions and rules, you specify that you want the weather by writing
the getWeather function outlined in the API’s documentation. Now when you
give the function to the API, it turns around and interacts with the server to
retrieve your information. The API then returns the results to you in a format that easily digestible (typically XML or JSON, discussed in the “JavaScript
Object Notation” section of this chapter). Depending on what the API allows
you to do, you could theoretically get all the information you want through
the API and never have to visit the website again through a browser. It’s not
all about the data though, so do focus on design and user experience. Plenty
of your visitors will expect your actual website to look good even if you do
offer an API. APIs that extend functionality in addition to data operate in a
similar fashion.
How to Speak Tech 59
From this example, you can see that APIs are designed for software developers
and can be defined as “a set of routines (usually functions) and accompanying
protocols for using these functions that provide building blocks for software
development.” They allow users to connect to the application via a secure
channel and then run functions using code to get information or to borrow
functionality.
Two of the more popular types of APIs—Representational State Transfer (REST)
and Simple Object Access Protocol (SOAP)—are described and compared in the
next sections.

REST API:
REST is an architectural style developed by Roy Thomas Fielding to allow the
Web to be more scalable. To follow REST’s architectural style and be considered RESTful, one must follow a set of conditions that are not presented
here but are easily found online. Every request has two parts: the endpoint,
or URL, and the message that contains the request. This REST request is sent
to a special URL using the GET method described in Chapter 1. This request
consists of a few parts, including the endpoint URL, a developer ID or “key”
if required (this helps the API keep track of who is making requests and how
often), the desired action (e.g., getWeather), and parameters that give more
information on the request (e.g., getWeather for today and yesterday only). All
of this information is encoded in the URL and sent to the API via GET. The
API then decodes the request, interacts with the server to complete the
desired action, and then returns a response to the user.

SOAP API:
Started as a Microsoft Initiative in 1997, SOAP is another way to request data
from remote servers using HTTP. Whereas with the REST API the specifics of
the request are sent encoded in the URL, with SOAP the specifics of request
itself are contained within the body of an XML document. The XML document that makes up the message has to satisfy the specifications outlined in a
Web Services Description Language (WSDL) file. Ultimately, the message is sent
via POST or GET, but here again, the specifics of the requests, such as the
desired action, developer key, and parameters, are contained within the message. In a way, SOAP is like sending a request in an envelope (the exact request
is hidden) whereas REST is sending a request on a postcard (viewable by all).
Both travel via mail, or HTTP, though. As can be the case with REST APIs, the
response is an XML object.

Comparing REST and SOAP
REST and SOAP present the following points of comparison:
* Overhead. Because REST requests are entirely contained
in the URL whereas SOAP requests are contained in a
document, SOAP requests tend to be larger, to require
more overhead, and to contain a lot more information
in different parts of the message that further define the
request.
* Transparency. To continue the postcard and envelope analogy, everything is out in the open with REST and hence
monitored more easily, whereas only the address (endpoint URL) is viewable with SOAP.
* Ease of use. REST requests tend to be more simply generated. This comparison is corroborated by the observation
that 85% of Amazon’s requests come from REST APIs.
* Development time. REST APIs are typically quicker to
develop than SOAP APIs, contingent on your individual
programmer’s expertise.
* Flexibility. Because SOAP uses XML documents as messages,
more information can be included in SOAP requests than
in REST requests, giving SOAP APIs greater flexibility.

Authentication
As discussed in the opening sections of this chapter, you might want to keep
track of who is using your API and what they are requesting. You also might
want to communicate with your API users to confirm the accuracy of the
data and security of the connection. Approaches to authentication include
the following:
* Open API. No authentication is used. There are no
barriers to use the API, the code can be distributed more
freely, and there is less hassle to manage provided you
do not need to keep track of individual users. This would
be an attractive option if you are interested only in what
people are doing anonymously in aggregate and not in
what specific individuals are doing or controlling who
uses your API and how they use it.
How to Speak Tech 61
* HTTP authentication. Authentication information can be
passed in the HTTP headers of incoming requests
* Message-based authentication. Credentials such as a unique
developer’s key can be passed in the API request as part
of the message.
* SSL endpoint. This method helps the client keep track of
the server. After receiving a server certificate, the client
can check to see if it changes. If it does, the information
is likely coming from a source other than the server and
therefore cannot be trusted. This authentication method
prevents a middleman from impersonating the person
you are expecting. Because the SSL endpoint method
does not help identify the client, it is used in conjunction
with one of the other methods listed here.
* Client-side certificates. You can configure your API to
create certificates that are given to a client (via a secured
channel) that would reappear and be authenticated every
time the client makes a request. Although this is considered a robust way of dealing with authentication, it can be
considerably slower.

Question 15

Difference between SOAP and REST. What is RESTful?**

Answer 15

SOAP (Simple Object Access Protocol) and REST (Representational State Transfer) are both protocols used for designing web services, but they differ in their architectural styles, communication patterns, and message formats.

SOAP is a protocol that uses XML-based messages and a set of standards for defining message formats, service interfaces, and communication protocols. It relies on a rigid messaging structure and requires more overhead for processing and parsing XML messages.

REST, on the other hand, is an architectural style based on a set of principles and constraints that emphasize simplicity, scalability, and statelessness. RESTful services use standard HTTP methods (GET, POST, PUT, DELETE) for communication and represent resources as URLs. They typically exchange data in lightweight formats such as JSON or XML.

Key differences between SOAP and REST include:

Message Format: SOAP messages are XML-based, while RESTful services commonly use JSON or XML for data exchange.

Communication: SOAP uses XML over protocols like HTTP, SMTP, or TCP, while REST uses HTTP for communication.

Statelessness: RESTful services are stateless, meaning each request from a client contains all the necessary information for the server to fulfill it, while SOAP can maintain state between requests using session management techniques.

In summary, SOAP is a protocol with strict standards and messaging formats, while REST is an architectural style focused on simplicity and statelessness. RESTful services adhere to the principles of REST and use HTTP for communication, making them lightweight and scalable.

What are some common API use cases?
APIs are extremely versatile, and they support a wide range of use cases that includes:

Integrating with internal and external systems
One of the most common reasons developers turn to APIs is to integrate one system with another. For instance, you can use an API to integrate your customer relationship management (CRM) system with your marketing automation system, which would allow you to automatically send a marketing email when a sales representative adds a new prospective customer to the CRM.

Adding or enhancing functionality
APIs let you incorporate additional functionality into your application, which can improve your customers’ experience. For instance, if you’re working on a food delivery application, you might incorporate a third-party mapping API to let users track their order while it’s en route.

Connecting IoT devices
APIs are essential to the Internet of Things (IoT) ecosystem, which includes devices such as smart watches, fitness trackers, doorbells, and home appliances. Without APIs, these devices would not be able to connect to the cloud—or to one another—which would render them useless.

Creating more scalable systems
APIs are used to implement microservice-based architectures, in which applications are built as a collection of small services that communicate with one another through private APIs. Microservices are managed, deployed, and provisioned independently of one another, which enables teams to scale their systems in a reliable yet cost-efficient way.

Reducing costs
APIs help organizations reduce operational costs by automating time-intensive tasks, such as sending emails, pulling reports, and sharing data between systems. They can also reduce development costs by enabling teams to reuse existing functionality, instead of reinventing the wheel.

Improving organizational security and governance APIs power many workflows that are essential for organizational security. For instance, single sign-on (SSO), which enables users to use one username and password for multiple systems, is made possible by APIs. APIs are also used to enforce and automate corporate governance rules and policies, such as a requirement that expenses be approved before employees are reimbursed.

This list is far from exhaustive, and it will keep growing as developers continue to create innovative solutions that change the ways we live, work, and interact with one another.

RESTful:
- client-server architecture
- stateless (the server doesn’t co

Question 16

What is a database? What types of databases do you know?

Answer 16

A database is a structured collection of data that is organized and stored in a computer system. It allows for efficient retrieval, manipulation, and management of data.

Relational Database is a collection of data organized into a table structure, where the tables can be linked, or related, based on data common to each.

NoSQL Database is a non-relational database design that provides flexible schemas for the storage and retrieval of data.

Types of NoSQL databases:
Key-value store
Document-based
Column-based
Graph-based.

Question 17

What is a DBMS?

Answer 17

DBMS is a set of programs for creating and maintaining the database, and storing, modifying, and extracting information from the database.

Question 18

What are websockets? What are they used for?

Answer 18

Websockets are a communication protocol that provides full-duplex communication channels over a single TCP connection. They are used to enable real-time communication between a client and a server, allowing for interactive and dynamic web applications.

Question 19

What is cache? What are cookies? What is the difference?

Answer 19

Your browser gets fed up with asking the server and instead stores webpages in a
place called cache.

Cache:
Definition: Cache is a temporary storage mechanism used by web browsers to store copies of web resources (such as HTML pages, images, CSS files, and JavaScript files) that have been previously accessed by the user. Cached resources are stored locally on the user’s device to improve website performance and reduce loading times by serving content from the local cache rather than re-downloading it from the server.
Purpose: The primary purpose of cache is to improve the speed and efficiency of web browsing by reducing the amount of data that needs to be downloaded from the server. Cached resources can be quickly retrieved from the local cache, resulting in faster page load times and a smoother browsing experience for users.
Management: Cache management is typically handled automatically by the web browser, which stores and retrieves cached resources as needed based on factors such as cache expiration policies, cache-control headers sent by the server, and user preferences.

Cookies:
Definition: Cookies are small pieces of data stored by websites on a user’s device (usually in the form of text files) to track user behavior, preferences, and authentication information. Cookies are sent back and forth between the web browser and the web server with each HTTP request, allowing websites to personalize content, remember user preferences, and maintain user sessions.
Purpose: The primary purpose of cookies is to enhance the user experience by providing personalized content, maintaining user sessions (e.g., keeping users logged in), and tracking user behavior for analytics and advertising purposes. Cookies can store information such as user preferences, login credentials, shopping cart contents, and browsing history.
Management: Cookies can be managed and controlled by the user through browser settings, which allow users to view, delete, and block cookies from specific websites or all websites. Website developers can also set expiration dates and security attributes for cookies to control how long they persist and whether they are accessible to third-party websites.
In summary, cache is used to store copies of web resources locally to improve website performance, while cookies are used to store user data and preferences for personalization, authentication, and tracking purposes. Cache is managed automatically by the web browser, while cookies can be managed and controlled by both users and website developers.

Browsers are smart and can cache, or save, recently viewed web pages. In this
way, they avoid superfluous interaction with the server. Caching assumes that
none of the resources that make up a page has changed, but a simple HTTP
request can confirm that fact. Only when the web page changes does the
browser need to fire off its barrage of requests.

In accessing websites, users often activate cookies. Cookies are essentially
things that websites can store on your computer that describe data you may
have given the website. Let’s say you visit MyAppoly, fill out a few forms, and
view a few products. MyAppoly can store which products you viewed in a
cookie. When you return, the site can access your cookie and customize
the experience based on the information enclosed. On one hand, cookies
are desirable because they help make websites relevant; on the other hand,
they raise some privacy concerns. Do you want a website collecting information about you without your explicit consent?

Question 20

What is a repository?

Answer 20

A repository is a central location where data is stored and managed. It is typically used to store and version control source code, documents, and other files related to a project. In software development, a repository is often hosted on a version control system such as Git, GitHub, Bitbucket, or SVN.

Question 21

What is version control system? (Github, Bitbucket)

Answer 21

A Version Control System (VCS) is a software tool used by developers to manage changes to source code, documents, and other files over time. It allows multiple developers to collaborate on a project simultaneously by keeping track of all modifications made to the project’s files and providing mechanisms to merge, compare, and revert changes. VCS also provides a history of all changes made to the project, including who made the changes and when they were made.

Question 22

What is CI/CD?

Answer 22

CI/CD stands for Continuous Integration/Continuous Delivery (or Continuous Deployment). It is a set of practices and tools used by software development teams to automate the process of building, testing, and deploying software.

Continuous Integration involves automatically integrating code changes into a shared repository and running automated tests to ensure code quality.

Continuous Delivery (or Continuous Deployment) involves automatically deploying code changes to production environments after passing the necessary tests.

Question 23

What are logs?

Answer 23

Logs are records of events or actions that occur within a system or application. They are used to track and monitor the behavior of the system, identify errors or issues, and troubleshoot problems. Logs typically contain timestamped entries that provide information about events such as system errors, user actions, or application activities.

Web Log
When a user visits a website, the browser sends a request to the server
where the website lives. The server updates its logs with something like “User
X visited page at 12:00pm” before sending the page back. That’s a web log. One
downside is that any server request is logged, even the bots of search engines.
If you want to monitor only real user activity, this may not be the best method
to use. Additionally, unique visitors are difficult to identify which can complicate a marketing analysis. You do not want to count the same person twice, or
else your numbers will be off. Lastly, do you recall the term cache? It takes time
for browsers to send requests to servers and to receive the page with all of its
1
Avinash Kaushik, Web Analytics 2.0: The Art of Online Accountability and Science of Customer
Centricity. Sybex, 2009.
How to Speak Tech 103
images and other resources. Therefore, browsers save a copy of the website
locally as to minimize the server interaction for efficiency purposes. Web logs
will not kick in when the server is not utilized, so all activity on cached versions of this webpage will not be logged. This is an example of server-side data
collection (the software used to store the data lives on the server).

Question 24

What is responsive design?

Answer 24

Responsive design: Uses a single flexible layout that adapts to various screen sizes and device types through CSS media queries and fluid design principles.

Adaptive design: Creates multiple fixed layouts tailored to specific screen sizes or device categories, and selects the appropriate layout based on the user’s device characteristics.

Question 25

What is Authentication?

Answer 25

Authentication
As discussed in the opening sections of this chapter, you might want to keep
track of who is using your API and what they are requesting. You also might
want to communicate with your API users to confirm the accuracy of the
data and security of the connection. Approaches to authentication include
the following:
* Open API. No authentication is used. There are no
barriers to use the API, the code can be distributed more
freely, and there is less hassle to manage provided you
do not need to keep track of individual users. This would
be an attractive option if you are interested only in what
people are doing anonymously in aggregate and not in
what specific individuals are doing or controlling who
uses your API and how they use it.
How to Speak Tech 61
* HTTP authentication. Authentication information can be
passed in the HTTP headers of incoming requests
* Message-based authentication. Credentials such as a unique
developer’s key can be passed in the API request as part
of the message.
* SSL endpoint. This method helps the client keep track of
the server. After receiving a server certificate, the client
can check to see if it changes. If it does, the information
is likely coming from a source other than the server and
therefore cannot be trusted. This authentication method
prevents a middleman from impersonating the person
you are expecting. Because the SSL endpoint method
does not help identify the client, it is used in conjunction
with one of the other methods listed here.
* Client-side certificates. You can configure your API to
create certificates that are given to a client (via a secured
channel) that would reappear and be authenticated every
time the client makes a request. Although this is considered a robust way of dealing with authentication, it can be
considerably slower.

Question 26

What is Authorization?

Answer 26

Authorization:
Authorization is the process of determining whether a user or system has permission to access specific resources or perform certain actions within a system or application. Authorization controls what authenticated users are allowed to do after their identities have been verified through authentication. It involves defining access rights and privileges based on the user’s identity, role, or other attributes.
Authorization mechanisms typically involve assigning users to roles or groups and associating those roles or groups with permissions or access control lists (ACLs) that specify what actions users are allowed to perform on particular resources.

For example, an authorization system might grant read-only access to a certain file to regular users but full read and write access to administrators.

In summary, authentication verifies the identity of users or systems, while authorization determines what resources and actions users are allowed to access or perform based on their authenticated identity. Together, authentication and authorization form the basis of access control mechanisms in computer systems and applications, ensuring that only authorized users can access resources and perform actions according to defined policies and permissions.