
































































Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
The JSNSDCN exam is a localized version of the OpenJS Node.js Services Developer certification tailored for China. It validates the ability to develop back-end services and REST APIs using Node.js. Exam topics include asynchronous programming, Node.js core modules, Express.js, authentication, testing, debugging, performance optimization, and security best practices. Delivered in Chinese, it helps developers in China prove professional Node.js expertise. Targeted at full-stack developers, backend engineers, and cloud-native developers, the certification emphasizes modern service-oriented architectures built with Node.js.
Typology: Exams
1 / 72
This page cannot be seen from the preview
Don't miss anything!

































































Question 1. What HTTP status code should a RESTful API return when a resource is successfully created using a POST request? A) 200 B) 201 C) 204 D) 400 Answer: B Explanation: 201 Created indicates the request has succeeded and led to the creation of a resource. Question 2. Which method is used in Node.js to start listening for incoming HTTP requests? A) server.listen() B) server.start() C) app.run() D) http.start() Answer: A Explanation: server.listen() is the correct method to start the server and listen for requests. Question 3. What is the main advantage of using Express.js over the core http module in Node.js? A) It improves CPU performance B) It provides a simpler API for routing and middleware C) It replaces Node.js’s event loop D) It handles database queries automatically Answer: B Explanation: Express.js simplifies routing and middleware management compared to the core http module. Question 4. Which HTTP method is idempotent? A) POST B) PUT
Answer: B Explanation: PUT is idempotent, meaning multiple identical requests have the same effect as a single one. Question 5. What does the 'req.body' property in Express.js hold? A) Query parameters B) The parsed body of the request C) The request headers D) The URL path Answer: B Explanation: req.body contains the parsed body data of the incoming request. Question 6. Which module is built-in for making HTTP requests in Node.js? A) axios B) fetch C) http D) superagent Answer: C Explanation: The 'http' module is built-in for HTTP requests in Node.js. Question 7. In RESTful APIs, what should a DELETE request return if a resource is successfully deleted? A) 201 B) 204 C) 404 D) 302 Answer: B Explanation: 204 No Content indicates successful deletion with no content to return.
C) To pass control to the next middleware D) To parse query parameters Answer: C Explanation: Calling next() passes control to the next middleware in the stack. Question 12. What is the default port for HTTP servers? A) 21 B) 80 C) 443 D) 3000 Answer: B Explanation: Port 80 is the default for HTTP. Question 13. How can you secure sensitive endpoints in an Express.js application? A) Use HTML comments B) Implement authentication middleware C) Minify JavaScript D) Use GET requests only Answer: B Explanation: Authentication middleware restricts access to sensitive endpoints. Question 14. Which Node.js module is used for creating HTTPS servers? A) http B) https C) net D) tls Answer: B Explanation: The 'https' module is used to create SSL/TLS-enabled servers.
Question 15. How do you handle errors in asynchronous Express.js route handlers? A) Use try/catch and call next(error) B) Ignore errors C) Use setTimeout D) Only use synchronous code Answer: A Explanation: Errors in async handlers should be passed to Express’s error middleware via next(error). Question 16. Which library is commonly used for input validation in Express.js? A) lodash B) express-validator C) async D) bluebird Answer: B Explanation: express-validator is a popular tool for validating/sanitizing user input in Express.js. Question 17. What is Cross-Site Scripting (XSS)? A) Injecting malicious scripts into web pages B) Intercepting network packets C) Guessing user passwords D) Overloading the server with traffic Answer: A Explanation: XSS is an attack where malicious scripts are injected into trusted websites. Question 18. How can you mitigate SQL Injection in a Node.js application? A) Use prepared statements or parameterized queries B) Disable database access
Question 22. What function does 'res.status()' serve in Express.js? A) It sends a file B) It sets the HTTP response status code C) It parses the request body D) It ends the server Answer: B Explanation: res.status() sets the status code for the HTTP response. Question 23. Which of the following is a safe way to handle user passwords in Node.js? A) Store them as plain text B) Hash them using bcrypt C) Encrypt with ROT D) Store in cookies Answer: B Explanation: Hashing with bcrypt securely stores user passwords. Question 24. Which module lets you serve static files in Express.js? A) express.static B) express.router C) express.bodyParser D) express.handler Answer: A Explanation: express.static serves static assets like images and HTML. Question 25. How do you prevent HTTP Parameter Pollution in Express.js? A) Ignore query parameters B) Use input validation and sanitization
C) Only use POST requests D) Allow duplicate parameters Answer: B Explanation: Validating and sanitizing input prevents parameter pollution attacks. Question 26. What is the main purpose of CORS in web services? A) To compress HTTP responses B) To restrict cross-origin resource sharing C) To cache responses D) To encrypt data Answer: B Explanation: CORS controls which domains can access your resources from browsers. Question 27. Which of the following is NOT a valid HTTP verb? A) UPDATE B) GET C) POST D) DELETE Answer: A Explanation: UPDATE is not an HTTP method; PUT or PATCH is used for updates. Question 28. What does the 'req.query' object in Express.js contain? A) Parsed query string parameters B) Request body C) Headers D) URL path Answer: A Explanation: req.query contains key-value pairs from the query string.
C) http.start() D) http.init() Answer: B Explanation: http.createServer() creates a new HTTP server instance. Question 33. What does the 'req.params' object hold in Express.js? A) Query string parameters B) URL path variables C) Request headers D) Cookies Answer: B Explanation: req.params contains values from the route path (e.g., /users/:id). Question 34. Which HTTP status code means “Unauthorized”? A) 403 B) 401 C) 404 D) 500 Answer: B Explanation: 401 Unauthorized means authentication is required and has failed or not provided. Question 35. What is the main purpose of middleware in Express.js? A) To serve static files B) To process requests before they reach route handlers C) To connect to the database D) To start the server Answer: B Explanation: Middleware functions process or modify requests/responses in the pipeline.
Question 36. Which HTTP status code indicates a successful response with no content? A) 200 B) 201 C) 204 D) 202 Answer: C Explanation: 204 No Content indicates the request succeeded but there is no content to return. Question 37. Which of the following is a correct way to define a route in Express.js? A) app.get('/users', handler) B) app.router('/users', handler) C) app.route('/users', handler) D) app.set('/users', handler) Answer: A Explanation: app.get() defines a GET route for the specified path. Question 38. What is the main risk of not validating user input in a web service? A) Increased performance B) Vulnerability to injection attacks C) Lower latency D) Slower database access Answer: B Explanation: Unvalidated input can lead to injection and other security vulnerabilities. Question 39. Which HTTP method is typically used for partial updates? A) GET B) POST
Question 43. What is the function of helmet middleware in Express.js? A) Caching B) Serving images C) Setting HTTP headers for security D) Parsing URL parameters Answer: C Explanation: helmet sets various HTTP headers to secure Express.js apps. Question 44. Which HTTP header is used to indicate the type of content in the response? A) Accept B) Content-Type C) Authorization D) Referer Answer: B Explanation: Content-Type specifies the type of data sent in the response. Question 45. What is the effect of calling res.end() in the http module? A) It parses the request B) It closes the connection and sends the response C) It starts listening for requests D) It renders a template Answer: B Explanation: res.end() finishes the response and closes the connection. Question 46. Which Express.js middleware is used to handle URL-encoded data? A) express.json() B) express.static()
C) express.urlencoded() D) express.router() Answer: C Explanation: express.urlencoded() parses URL-encoded bodies. Question 47. Which of these is a valid RESTful API endpoint for accessing a single product with id 89? A) /products?id= B) /products/ C) /getProduct/ D) /product. Answer: B Explanation: RESTful endpoints use /resource/:id for single resources. Question 48. How can a Node.js application consume an external HTTP service? A) Using the http or https module B) Only with EJS C) Using fs.readFile D) Using the path module Answer: A Explanation: Use http/https modules or libraries to make HTTP requests. Question 49. What is a symptom of Cross-Site Request Forgery (CSRF)? A) User actions performed without their consent B) Data encrypted in transit C) Static file caching D) Slow database queries Answer: A Explanation: CSRF tricks users into executing unwanted actions.
C) cors D) morgan Answer: C Explanation: The cors middleware enables CORS in Express.js apps. Question 54. In Node.js, what does process.env contain? A) HTTP headers B) Environment variables C) Request data D) Database connections Answer: B Explanation: process.env provides access to environment variables. Question 55. What is the primary defense against HTTP parameter pollution? A) Allow duplicate parameters B) Validate and sanitize input C) Ignore input D) Use only POST requests Answer: B Explanation: Validation and sanitization prevent parameter pollution. Question 56. What is a typical use case of the PATCH HTTP method? A) Retrieve a resource B) Partially update a resource C) Delete a resource D) Create a new resource Answer: B Explanation: PATCH is used for partial updates.
Question 57. Which of the following is the correct way to start an Express.js application on port 4000? A) app.run(4000) B) app.listen(4000) C) app.start(4000) D) app.open(4000) Answer: B Explanation: app.listen starts the server on the specified port. Question 58. What is the effect of calling next(err) in Express.js middleware? A) Passes control to the next route B) Passes control to error-handling middleware C) Restarts the server D) Ends the response Answer: B Explanation: next(err) forwards the error to error-handling middleware. Question 59. How can CSRF tokens help defend against CSRF attacks? A) They encrypt data B) They ensure requests are from trusted sources C) They hash passwords D) They block all POST requests Answer: B Explanation: CSRF tokens are unique and verify the request origin. Question 60. Which of the following is a feature of RESTful APIs? A) Statelessness B) Always using XML
Question 64. Which of the following is a valid Express.js error-handling middleware signature? A) (req, res, next) B) (err, req, res, next) C) (res, req, next) D) (req, err, next) Answer: B Explanation: Error-handling middleware must have four arguments with 'err' first. Question 65. What does the res.redirect() function do in Express.js? A) Ends the response B) Sends a file C) Sends a redirect response to the client D) Starts the server Answer: C Explanation: res.redirect() sends an HTTP redirect to the client. Question 66. Which HTTP header is used to authorize requests using a bearer token? A) Accept B) Authorization C) X-Powered-By D) Cookie Answer: B Explanation: The Authorization header is standard for bearer tokens. Question 67. What is the role of morgan middleware in Express.js? A) Security B) Logging HTTP requests
C) Parsing JSON D) Serving static files Answer: B Explanation: morgan logs HTTP request details. Question 68. How do you restrict an Express.js route to authenticated users only? A) Add an authentication middleware to the route B) Use only GET requests C) Remove all middleware D) Use a different port Answer: A Explanation: Authentication middleware checks user credentials before accessing the route. Question 69. What is the purpose of the 'res.setHeader()' function in Node.js http module? A) To set HTTP headers in the response B) To read request headers C) To end the response D) To parse the request body Answer: A Explanation: res.setHeader() sets a header in the HTTP response. Question 70. What is the effect of calling 'server.close()' in the http module? A) Starts listening for new connections B) Stops the server from accepting new connections C) Parses the request body D) Sends a file Answer: B Explanation: server.close() stops the server from accepting new connections.