PrepIQ OpenJS Node js Services Developer China JSNSDCN Ultimate Exam, Exams of Technology

This localized certification exam validates the skills of Node.js services developers in China. Domains include Node.js APIs, asynchronous programming, event-driven architecture, Express framework, testing, security practices, containerization, and deployment. Conducted in Chinese, it ensures accessibility for developers in one of the world’s largest Node.js ecosystems.

Typology: Exams

2025/2026

Available from 04/14/2026

shilpi-jain-3
shilpi-jain-3 🇮🇳

2.5

(11)

80K documents

1 / 80

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
PrepIQ OpenJS Node js Services
Developer China JSNSDCN Ultimate
Exam
**Question 1. Which native Node.js module is used to create an HTTPS server?**
A) http
B) net
C) tls
D) https
Answer: D
Explanation: The `https` module provides `https.createServer()` for
TLS-encrypted HTTP servers, while `http` creates plain HTTP servers.
**Question 2. In an Express route, which method is used to parse JSON bodies
automatically?**
A) app.use(express.urlencoded())
B) app.use(express.json())
C) app.use(bodyParser.text())
D) app.use(morgan())
Answer: B
Explanation: `express.json()` middleware parses incoming requests with
`Content-Type: application/json` and populates `req.body`.
**Question 3. Which HTTP status code indicates that the request was successful
and a new resource was created?**
A) 200
B) 201
C) 202
D) 204
Answer: B
Explanation: 201 Created signals that the request resulted in a new resource,
typically returned after a successful POST.
**Question 4. What property of an HTTP verb determines its idempotency?**
A) The presence of a request body
B) The ability to be safely repeated without side effects
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50

Partial preview of the text

Download PrepIQ OpenJS Node js Services Developer China JSNSDCN Ultimate Exam and more Exams Technology in PDF only on Docsity!

Developer China JSNSDCN Ultimate

Exam

Question 1. Which native Node.js module is used to create an HTTPS server? A) http B) net C) tls D) https Answer: D Explanation: The https module provides https.createServer() for TLS-encrypted HTTP servers, while http creates plain HTTP servers. Question 2. In an Express route, which method is used to parse JSON bodies automatically? A) app.use(express.urlencoded()) B) app.use(express.json()) C) app.use(bodyParser.text()) D) app.use(morgan()) Answer: B Explanation: express.json() middleware parses incoming requests with Content-Type: application/json and populates req.body. Question 3. Which HTTP status code indicates that the request was successful and a new resource was created? A) 200 B) 201 C) 202 D) 204 Answer: B Explanation: 201 Created signals that the request resulted in a new resource, typically returned after a successful POST. Question 4. What property of an HTTP verb determines its idempotency? A) The presence of a request body B) The ability to be safely repeated without side effects

Developer China JSNSDCN Ultimate

Exam

C) The need for authentication D) The size of the payload Answer: B Explanation: An idempotent method (e.g., PUT, DELETE) can be called multiple times with the same effect as a single call. Question 5. Which header controls cross-origin resource sharing for a response? A) Set-Cookie B) Authorization C) Access-Control-Allow-Origin D) Cache-Control Answer: C Explanation: Access-Control-Allow-Origin specifies which origins may access the resource, enabling CORS. Question 6. When using the native http.request method, which event signals that the response headers have been received? A) 'data' B) 'end' C) 'response' D) 'finish' Answer: C Explanation: The 'response' event is emitted with an IncomingMessage object containing the response headers. Question 7. In a Fastify plugin, which hook is executed before the route handler is called? A) onRequest B) preHandler C) onSend D) onError

Developer China JSNSDCN Ultimate

Exam

Question 11. Which Node.js stream method is optimal for piping data from an external API directly to a client response? A) .pipe() B) .write() C) .end() D) .read() Answer: A Explanation: .pipe() connects readable and writable streams without buffering the entire payload in memory. Question 12. What does the helmet middleware primarily provide? A) Request logging B) Security-related HTTP headers C) Body parsing D) Session management Answer: B Explanation: helmet sets a collection of security headers such as CSP, HSTS, and X-Content-Type-Options. Question 13. Which status code indicates that the client must authenticate to gain network access? A) 401 B) 403 C) 407 D) 511 Answer: D Explanation: 511 Network Authentication Required is used when the client must authenticate to gain network access (e.g., captive portals). Question 14. In Express, which function signature represents an error-handling middleware? A) (req, res, next)

Developer China JSNSDCN Ultimate

Exam

B) (err, req, res, next) C) (req, res) D) (req, res, err) Answer: B Explanation: Error-handling middleware must have four arguments, with the first being the error object. Question 15. Which of the following is a recommended way to limit request payload size in an Express app? A) app.use(express.json({ limit: '1mb' })) B) app.set('payloadLimit', 1024) C) res.setHeader('Content-Length', 0) D) process.setMaxListeners(10) Answer: A Explanation: express.json({ limit: '1mb' }) rejects bodies larger than the specified limit, preventing resource exhaustion. Question 16. Which of the following npm scripts will run a Node.js file named server.js with environment variable NODE_ENV=production? A) "start": "node server.js" B) "start": "NODE_ENV=production node server.js" C) "start": "node -e production server.js" D) "start": "env NODE_ENV=production node server.js" Answer: B Explanation: Prefixing the command with NODE_ENV=production sets the variable for the process on Unix-like systems. Question 17. Which HTTP header is used to instruct browsers to only use HTTPS for future requests to a domain? A) Content-Security-Policy B) Strict-Transport-Security C) X-Frame-Options

Developer China JSNSDCN Ultimate

Exam

Explanation: PATCH applies partial modifications, whereas PUT replaces the entire resource. Question 21. Which Node.js built-in module provides low-level networking capabilities such as creating TCP servers? A) http B) net C) dns D) url Answer: B Explanation: The net module allows creation of TCP/IPC servers and sockets. Question 22. Which of the following is the most appropriate status code for a request that has been accepted for processing but not yet completed? A) 200 B) 202 C) 204 D) 301 Answer: B Explanation: 202 Accepted indicates the request is valid but processing is pending. Question 23. Which middleware pattern best isolates route-specific logic from global request handling? A) Global error handler B) Router-level middleware C) Application-level middleware D) Static file middleware Answer: B Explanation: Router-level middleware applies only to routes defined on a specific router instance, keeping concerns separated.

Developer China JSNSDCN Ultimate

Exam

Question 24. Which of the following is a common technique to mitigate NoSQL injection in MongoDB queries? A) Using string concatenation for query building B) Directly inserting user input into $where clauses C) Validating and sanitizing input with a schema library like Joi D) Disabling authentication on the database Answer: C Explanation: Schema validation ensures only expected data types and structures are used, preventing malicious query injection. Question 25. In a Node.js application, which signal is typically used to trigger a graceful shutdown? A) SIGKILL B) SIGTERM C) SIGSTOP D) SIGUSR Answer: B Explanation: SIGTERM is the conventional signal for termination, allowing the process to close connections and clean up before exiting. Question 26. Which HTTP header can be used to control client-side caching of a response? A) Authorization B) Cache-Control C) Accept-Encoding D) Content-Type Answer: B Explanation: Cache-Control directives such as max-age and no-store dictate how and for how long browsers cache the response. Question 27. Which of the following libraries provides a Promise-based HTTP client with built-in timeout support? A) request

Developer China JSNSDCN Ultimate

Exam

D) res.cookie('token', value, { httpOnly: false }) Answer: B Explanation: The secure attribute ensures the cookie is transmitted only over TLS-encrypted connections. Question 31. Which of the following is a recommended practice for handling unhandled promise rejections in a Node.js service? A) Ignoring them, as Node will automatically log them B) Adding a global process.on('unhandledRejection') handler to log and shut down gracefully C) Converting all promises to callbacks D) Using try/catch around every async function call Answer: B Explanation: A global handler allows logging, cleanup, and a controlled shutdown to avoid undefined state. Question 32. Which of the following is the primary purpose of the Content- Security-Policy header? A) Define allowed HTTP methods B) Restrict sources for scripts, styles, and other resources to mitigate XSS C) Set cookie attributes D) Control caching behavior Answer: B Explanation: CSP provides a whitelist of allowed content origins, reducing the risk of cross-site scripting. Question 33. Which method of an Express Router object registers a handler for all HTTP verbs on a path? A) router.get() B) router.all() C) router.use() D) router.route() Answer: B

Developer China JSNSDCN Ultimate

Exam

Explanation: router.all('/path', handler) matches any HTTP method for the specified route. Question 34. Which of the following is the correct way to enable gzip compression for all responses in an Express app? A) app.use(compression()) B) app.use(gzip()) C) app.enable('gzip') D) app.use(express.gzip()) Answer: A Explanation: The compression middleware compresses response bodies using gzip/deflate when appropriate. Question 35. Which HTTP verb should be used to retrieve a resource without causing side effects? A) POST B) PUT C) DELETE D) GET Answer: D Explanation: GET is defined as a safe method that must not alter server state. Question 36. In the context of rate limiting, which algorithm provides a simple token-bucket implementation? A) Leaky bucket B) Fixed window counter C) Sliding log D) Token bucket Answer: D Explanation: The token-bucket algorithm allows a burst of requests up to a bucket size, then refills tokens at a fixed rate.

Developer China JSNSDCN Ultimate

Exam

B) fs.readFile() C) fs.openSync() D) fs.createReadStream() Answer: B Explanation: fs.readFile() performs the I/O operation in a thread pool, invoking a callback when complete, thus non-blocking. Question 41. Which of the following headers is required for browsers to allow credentials (cookies, HTTP auth) in CORS requests? A) Access-Control-Allow-Origin: * B) Access-Control-Allow-Credentials: true C) Access-Control-Expose-Headers: * D) Access-Control-Max-Age: 86400 Answer: B Explanation: Access-Control-Allow-Credentials: true permits browsers to send and receive cookies and HTTP authentication with cross-origin requests. Question 42. In an Express error-handling middleware, which method is used to send the error response to the client? A) res.send() B) res.json() C) res.status().json() D) next() Answer: C Explanation: Typically, res.status(err.status || 500).json({ error: err.message }) sets the proper HTTP status and returns a JSON payload. Question 43. Which of the following best describes the purpose of the npm ci command? A) Install packages and update package-lock.json B) Clean the node_modules directory without reinstalling C) Perform a clean install based on package-lock.json for reproducible builds

Developer China JSNSDCN Ultimate

Exam

D) Run continuous integration tests Answer: C Explanation: npm ci removes node_modules and installs exactly the versions listed in package-lock.json, ensuring deterministic builds. Question 44. Which HTTP header can be used to instruct browsers to never store a response in any cache? A) Cache-Control: no-store B) Pragma: no-cache C) Expires: 0 D) All of the above Answer: D Explanation: All three directives (Cache-Control: no-store, Pragma: no-cache, Expires: 0) together ensure that caches do not store the response. Question 45. Which of the following is the correct way to set a timeout for an axios request? A) axios.get(url, { timeout: 5000 }) B) axios.timeout(5000).get(url) C) axios({ url, method: 'GET', maxTime: 5000 }) D) axios.get(url).setTimeout(5000) Answer: A Explanation: The timeout option (in milliseconds) tells axios to abort the request if it exceeds the specified duration. Question 46. Which of the following is the most secure way to store a password in a Node.js application? A) Plain text in the database B) Base64-encoded string C) Hashed with a strong algorithm like bcrypt and a unique salt D) Encrypted with a symmetric key stored in source code Answer: C

Developer China JSNSDCN Ultimate

Exam

Question 50. Which of the following HTTP methods is NOT idempotent? A) PUT B) DELETE C) PATCH D) HEAD Answer: C Explanation: PATCH may produce different results when applied multiple times, thus it is not guaranteed to be idempotent. Question 51. In Node.js, which method is used to gracefully close an HTTP server, stopping it from accepting new connections? A) server.stop() B) server.end() C) server.close() D) server.shutdown() Answer: C Explanation: server.close() stops the server from accepting new connections while allowing existing ones to finish. Question 52. Which of the following HTTP response codes indicates that the client should repeat the request with a different URI? A) 301 B) 303 C) 307 D) 308 Answer: B Explanation: 303 See Other tells the client to perform a GET request to the URI provided in the Location header. Question 53. Which of the following is a common technique to mitigate XSS when rendering user-provided data in server-side templates? A) Disabling JavaScript in the browser

Developer China JSNSDCN Ultimate

Exam

B) Escaping HTML special characters before insertion C) Removing all whitespace from the output D) Using eval on the data Answer: B Explanation: Escaping characters like <, >, ", ', and & prevents malicious scripts from being interpreted. Question 54. Which of the following commands lists all open network ports on a Linux system? A) ls -l /proc/net/ B) netstat -tulnp C) ps aux | grep node D) cat /etc/services Answer: B Explanation: netstat -tulnp shows listening TCP/UDP ports and the associated processes. Question 55. Which Node.js module provides utilities for working with file and directory paths? A) fs B) path C) url D) querystring Answer: B Explanation: The path module offers methods like join, resolve, and basename for path manipulation. Question 56. Which of the following is the correct way to enable strict mode for an entire Node.js file? A) "use strict"; at the top of the file B) node --strict app.js C) "strict mode"; at the top of the file

Developer China JSNSDCN Ultimate

Exam

Explanation: Limiting payload size prevents memory exhaustion; a 413 Payload Too Large response informs the client. Question 60. Which of the following methods can be used to retrieve the IP address of the client making a request in an Express handler? A) req.ip B) req.headers['host'] C) req.connection.remotePort D) req.protocol Answer: A Explanation: req.ip returns the remote IP, taking into account proxy headers like X-Forwarded-For when trust proxy is enabled. Question 61. Which of the following is the correct way to set the Content- Type header to JSON in a native Node.js HTTP response? A) res.setHeader('Content-Type', 'application/json'); B) res.writeHeader('Content-Type', 'application/json'); C) res.addHeader('Content-Type', 'application/json'); D) res.header('Content-Type', 'application/json'); Answer: A Explanation: setHeader assigns a header field on the outgoing response object. Question 62. Which of the following is a primary benefit of using async/await over plain Promises in route handlers? A) It automatically retries failed requests B) It eliminates the need for a callback function C) It makes asynchronous code appear synchronous, improving readability and error handling with try/catch D) It runs code in a separate thread Answer: C Explanation: async/await allows linear-style code and standard try/catch blocks for error handling, reducing callback nesting.

Developer China JSNSDCN Ultimate

Exam

Question 63. Which of the following is the most appropriate HTTP status code for a successful DELETE operation that returns no content? A) 200 B) 202 C) 204 D) 404 Answer: C Explanation: 204 No Content indicates the request succeeded but there is no response body. Question 64. Which of the following environment variables is commonly used to indicate a production environment in Node.js applications? A) NODE_ENV=dev B) NODE_ENV=production C) APP_MODE=prod D) ENV=prod Answer: B Explanation: The convention NODE_ENV=production enables production-specific optimizations and disables debugging features. Question 65. Which of the following statements about the process.nextTick() function is true? A) It schedules a callback after I/O events have been processed B) It executes the callback immediately, before any I/O or timer events in the current loop iteration C) It creates a new thread for the callback D) It is deprecated in recent Node versions Answer: B Explanation: process.nextTick() places the callback at the front of the microtask queue, running it before the event loop proceeds to the next phase. Question 66. Which of the following is the correct way to enable CORS for all routes in an Express application using the cors package?