2.0 Understanding and Using APIs

Question 1

T/F - HTTP is a stateless (connectionless) protocol.

Answer 1

True

Question 2

T/F - The data is exchanged via HTTP requests and HTTP responses, which are specialized data formats used for HTTP communication. A sequence of requests and responses is called an HTTP session and is initiated by a client by establishing a connection to the server.

Answer 2

True

Question 3

T/F - Web APIs are a subset of APIs, accessible over HTTP

Answer 3

True

Question 4

What do you call HTTP verbs (or nouns) that are a predefined set of request methods that represent desired actions that should be performed on the resources? They are used in HTTP requests as a part of the request line.

Answer 4

HTTP Methods

Question 5

HTTP Method - Requests a representation of a specific resource. Should only retrieve data and is considered safe and idempotent.

Answer 5

GET

Question 6

HTTP Method - Used to submit an entity to the specified resource, often causing a state change or side effects on the server. Requests made with this verb should include a request body.

Answer 6

POST

Question 7

HTTP Method - Deletes the specified resource. Subsequent calls should not cause any side effects.

Answer 7

DELETE

Question 8

HTTP Method - Replaces all current representations of the target resource with the request payload.

Answer 8

PUT

Question 9

Asks for a response identical to that of a GET request, but without the response body. Useful for validating resource availability.

Answer 9

HEAD

Question 10

Applies partial modification to a resource. Useful for instances where using PUT might be too cumbersome. It is not an idempotent method and is used for merging resources.

Answer 10

PATCH

Question 11

What is a predefined set of numerical codes that indicate the status of a specific HTTP request in the response header.

Answer 11

HTTP Status Code

Question 12

What are the 5 classes (categories) of HTTP status codes by functionality?

Answer 12

1xx Informational, 2xx Successful, 3xx Redirection, 4xx Client Error, 5xx Server Error.

Question 13

Most HTTP Status codes from this category indicate that the request was received and understood. They usually mean that the request processing continues and alerts the client to wait for the final response. Rarely used.

Answer 13

1xx Informational

Question 14

HTTP Status Code for a standard response for a successful HTTP request. The information returned depends on the request method.

Answer 14

200 (OK)

Question 15

HTTP Status Code that indicates that a resource has been successfully created.

Answer 15

201 (Created)

Question 16

HTTP Status Code that the server has successfully fulfilled the request and the response body is empty. Useful when you want to confirm that a POST request was received by the server.

Answer 16

204 (No content)

Question 17

HTTP Status Code that this an all future requests should be directed to the given URI.

Answer 17

301 (Moved Permanently)

Question 18

HTTP Status Code that the requested resource resides temporarily under a different URI.

Answer 18

302 (Found)

Question 19

HTTP Status Code that indicates that the resource has not been modified since the version specified by the request headers. Useful for reducing overhead.

Answer 19

304 (Not Modified)

Question 20

HTTP Status Code that the server cannot process the request because of a malformed request (bad syntax, deceptive routing, size too large)

Answer 20

400 (Bad Request)

Question 21

HTTP Status Code the request requires a valid authorized user. It usually means that the user is not authenticated or that authentication failed.

Answer 21

401 (Unauthorized)

Question 22

HTTP Status Code The request was valid, but the server is refusing action. The user might not have the necessary permissions for a resource.

Answer 22

403 (Forbidden)

Question 23

HTTP Status Code that the server has not found anything matching the request URI. No indication is given whether the condition is temporary or permanent.

Answer 23

404 (Not Found)

Question 24

HTTP Status Code which is a generic error message, given when an unexpected condition was encountered and no more specific message is suitable.

Answer 24

500 (Internal Server Error)

Question 25

HTTP Status Code that the server does not support the functionality required to fufill the request.

Answer 25

501 (Not Implemented)

Question 26

HTTP Status Code that the service cannot handle the request. It is usually a temporary condition attributed to a server crash, maintenance, overload, and so on.

Answer 26

503 (Service Unavailable)

Question 27

What is a list of key-value pairs that the client and server use to pass additional information or metadata between them in requests? They consist of a case-insensitive name, followed by a colon (":") and then its value.

Answer 27

HTTP Headers

Question 28

What are the four distinct types of HTTP headers?

Answer 28

General, Request, Response, and Entity

Question 29

HTTP Header - This type is not specific to any particualar kind of message. They are primarly used to communicate information about the message itself and how to process it.

Answer 29

General

Question 30

HTTP Header - This type carries information about the resource to be fetched. They also contain information about the client.

Answer 30

Request

Question 31

HTTP Header - This type of header hold additional information about the response and the server providing it.

Answer 31

Response

Question 32

HTTP Header - These type of headers contain information about the response body.

Answer 32

Entity

Question 33

What does a HTTP Request use to identify and locate the resources targeted by the request?

Answer 33

HTTP URL

Question 34

In relation to a HTTP URL, what is the term that identifies a resource ../people/alice

Answer 34

URI

Question 35

In relation to an HTTP URL, what is the term that identifies a resource using a (made-up) scheme urn:people:names:alice

Answer 35

URN

Question 36

In HTTP, what is the process of selecting the best representation for a given response when there are multiple representations available.

Answer 36

HTTP Content Negotiation

Question 37

What HTTP Header takes care of content negotiation?

Answer 37

Accept

Question 38

What is the scale of the quality-factor weighting of Accept HTTP headers?

Answer 38

0 to 1

Question 39

RPC

Answer 39

Remote Procedure Call

Question 40

SOAP

Answer 40

Simple Object Access Protocol

Question 41

What protocol provides mechanisms to install, manipulate, and delete configurations on network devices. It also provides a mechanism for notification subscriptions and asynchronous message delivery.

Answer 41

NETCONF

Question 42

NETCONF

Answer 42

Network Configuration Protocol

Question 43

T/F - NETCONF is a session based protocol

Answer 43

True

Question 44

What does NETCONF use for encapsulation?

Answer 44

XML

Question 45

Which API style is optimized for the web, known for its excellent performance scalability, and has a greater simplicity than other styles?

Answer 45

REST

Question 46

T/F - A RESTful API needs to be stateless, no client context needs to be stored on the server in between requests.

Answer 46

True

Question 47

T/F - A RESTful API needs to be built using Client/Server architecture.

Answer 47

True

Question 48

T/F - A RESTful API needs to be a layered system, a client should not be able to know if it is connected to an end point or an intermediary agent (proxy, caching server, etc)

Answer 48

True

Question 49

T/F A RESTful API needs a uniform interface to decouple the client from the implementation of the REST service.

Answer 49

True

Question 50

CRUD

Answer 50

Create, Read, Update, Delete

Question 51

What Python library is used to create a simple HTTP GET request to a member resource on a RESTful API?

Answer 51

requests

Question 52

T/F - The best API to use is based on the problem you are trying to solve and the resources you have available.

Answer 52

True

Question 53

T/F - Scalability, performance and flexibility are advantages of a REST API

Answer 53

True

Question 54

T/F - High Security and Standardization are advantages of a SOAP API

Answer 54

True

Question 55

T/F - Less secure and not suitable for distributed environments are disadvantages of a REST API

Answer 55

True

Question 56

T/F - Increased complexity and poorer performance are disadvantages of a SOAP API

Answer 56

True

Question 57

What message format is used with a SOAP API?

Answer 57

XML

Question 58

What transfer protocol is used with a REST API?

Answer 58

HTTP

Question 59

What are tools that allow you to react to events and changes in an application. They are commonly referred to as a "reverse API" or a "web callback".

Answer 59

Webhooks

Question 60

What HTTP method is used to update a webhook endpoint?

Answer 60

POST

Question 61

How are webhook notifications transported to subscribers?

Answer 61

HTTP POST requests

Question 62

What is the biggest benefit of webhooks compared with regular REST API?

Answer 62

Webhooks provide real-time data

Question 63

T/F - REST does not use a fixed response format

Answer 63

True

Question 64

What is the purpose of content negotiation?

Answer 64

to select the best available representation for a given resource

Question 65

T/F - In the case of Cisco, pagination is a part of the Cisco Web API standards and is implemented with RFC 5988

Answer 65

True

Question 66

What effectively limits the number of specific requests that can be fulfilled by an API?

Answer 66

rate limiting

Question 67

Is it better to implement rate limiting on the client side or server side?

Answer 67

Server Side - prevents DOS, prevent misuse of sensitive or destructive API calls.

Question 68

What is the difference between rate limiting and payload limiting?

Answer 68

With rate limiting, you limit the rate of API calls toward the API, while with payload limiting, you limit the size of the API request bodies.

Question 69

What is the act of proving the identity of someone?

Answer 69

Authentication

Question 70

What specifies the rights and privileges that a specific entity has over resources.

Answer 70

Authorization

Question 71

What are the three general approaches to REST API authentication?

Answer 71

Basic HTTP Authentication, API Key Authentication, and Custom Token Authentication

Question 72

What authentication method uses a unique, pregenerated, cryptographically strong string as authentication?

Answer 72

API Key Authentication

Question 73

How frequently is a new token issued in custom token authentication?

Answer 73

When the old one expires

Question 74

What does the term "hardcoding" mean, in relation to security in your code?

Answer 74

Including data directly in the source code

Question 75

What type of API communication is where the client requests, and waits for reply?

Answer 75

Synchronous

Question 76

What type of API communication is where the client requests, then the reply comes later?

Answer 76

Asynchronous