COURSE 7: WORKING WITH DATA IN ANDROID QUIZ ANSWERS

Week 1: Introduction to REST APIs

Meta Android Developer Professional Certificate

Complete Coursera Answers & Study Guide

Enroll in Coursera Meta Android Developer Professional Certification

TABLE OF CONTENT

SELF REVIEW: KNOW YOUR TOOLS
KNOWLEDGE CHECK: INTRODUCTION TO APIS

KNOWLEDGE CHECK: PRINCIPLES OF API DEVELOPMENT
MODULE QUIZ: REST APIS

Introduction to REST APIs INTRODUCTION

Get to know RESTful API development.

Learning Objectives

Identify the key characteristics, benefits and uses of REST API, states and resources.
Create routes with the correct naming conventions.
Explain the principles of authentication in a REST API.

Differentiate between authentication and authorization.
Explain the API request lifecycle.

SELF REVIEW: KNOW YOUR TOOLS

1. Which of the following configuration options in Insomnia were used in this Exercise? Choose all that apply.

Creating a GET request. (CORRECT)

Creating a POST request with Form Data. (CORRECT)
Creating a POST request with JSON Data. (CORRECT)
Creating a Base Environment.

That’s correct! You learned how to create a GET request using Insomnia.

That’s correct! You learned how to create a POST request for sending form data using Insomnia.

That’s correct! You learned how to send a JSON object as an output using Insomnia.

2. Using the Filter response body option in Insomnia, which of the following filters can be used to obtain the month field [“july”] as the output when used over the JSON object below? Choose all that apply.

{
    "title": "Lord of the Rings",
    "author": "JRR Tolkien",
    "published" : {
        "year": 1954,
        "month": "july",
        "day" : 29
    }
}

$.json.month
$.json.published.”month”
$[json][published][month] (CORRECT)

$.json.published.[month] (CORRECT)

That’s correct! The filter used will be able to access the value of the month property and return the desired result.

3. Which of the following JSON objects will return a valid JSON output that is not null while making a POST request.

{ “title”: “Lord of the Rings” } (CORRECT)
{ “title”: Lord of the Rings }
{ title: “Lord of the Rings” }

{ “title”: “Lord of the Rings” ,}

That’s correct! This is a correct format that will produce the JSON output.

4. You’ve learned that an HTTP request has a body and a header. What information does the HTTP request header contain? Select all that apply.

Form data passed to the web server

HTTP version type, for example 1.1 or 2.0
HTTP request headers can contain cookies, user-agents and referrers (CORRECT)
Extra information that helps the server make decisions on how to present the content (CORRECT)

That’s correct. These are all examples of information that helps servers decide how to process an HTTP request.

That’s correct. The HTTP request header is a core part of every HTTP request and contain vital information for the server.

5. An API is only RESTful if it complies with which constraints? Select all that apply.

The API infrastructure should be layered (CORRECT)

The API should be stateless (CORRECT)
The API should use client-server architecture (CORRECT)
The API should deliver code on demand (CORRECT)

Every API should support all HTTP methods
The API should be cacheable (CORRECT)

That’s right! The entire system architecture must be able to split into multiple layers. And you should be able to add or remove a layer any time.

Correct! The state of a RESTful API is only saved on the client machine, not the server.

That’s right! There should be a server that is serving the resources, and there should be a client who consumes them.

That’s right! Although this is not always a requirement. It is considered an optional constraint.

That’s right! RESTful APIs can be saved by a web browser, or a server, or any system.

6. The naming convention of this API is correct: https://little.lemon/orders/{orderId}/customer-details

True (CORRECT)
False

That’s correct. In this case, the variable is the order ID so it should be in camelCase and wrapped in curly braces. It is also good that “customer” and “details” has a hyphen in between the words and not an underscore or space. Further, the hierarchical relationship between the objects is specified with forward slashes.

7. In this video you learned about tools for API development. Which of the following statements are true? Check all that apply.

Curl, Postman and Insomnia are cross-platform tools to test and debug your APIs (CORRECT)
Curl has a graphical version

Postman has a web version (CORRECT)
You can use Insomnia from mobile

That’s correct. While Curl only offers the command line version, it is available in all major operating systems. Similarly, Postman and Insomnia are also available for Windows, macOS and Linux.

That’s correct. Postman offers a web version that you can use without installing its desktop client.

KNOWLEDGE CHECK: INTRODUCTION TO APIS

1. Why is communicating over HTTPS more secure than HTTP?

Both client- and server-side are encrypted but decryption is not performed.
Encryption and decryption are performed both on the client- and server-side. (CORRECT)

There is only server-side encryption and client-side encryption.
There is client-side encryption and server-side decryption.

Correct! HTTPS is secure which means that there is encryption for data exchanged both at client- and server-side which can also be decrypted.

2. Which of the following HTTPS methods is used to partially update data?

POST
PATCH (CORRECT)
GET

Correct! PATCH is used to partially updating a resource.

3. Which of the following HTTP status codes inside the response header indicate server-side errors?

500-599 (CORRECT)

100-199
400-499
300-399

Correct! The status codes mentioned are used to indicate server-side errors to the client inside the response headers.

4. RESTful APIs are considered to be stateless. What this means is the state is saved ________.

on neither the client- nor server-side
only with the client (CORRECT)

both on client and server
only on the server

Correct! The server does not contain any state of the API client making the request and cannot identify who is making the request.

5. Which of the following can be a layer in the RESTful API communication system that data encounters while being passed between the client and server? Select all that apply.

Load balancer (CORRECT)
Firewall (CORRECT)
Headers

Correct! Load balancers help in the efficient distribution of network traffic before the requests from client reach the server.

Correct! Firewalls are security systems over the network that help control and monitor the network traffic between the client and server based on security rules.

KNOWLEDGE CHECK: PRINCIPLES OF API DEVELOPMENT

1. The abuse of API calls made by an end-user can be managed and restricted by means of:

Caching

Rate-limiting (CORRECT)
Monitoring
Versioning

Correct! Rate-limiting limits the number end-user can call your API in a period of time such as per minute, hour or day.

2. While monitoring API endpoints for indicators such as latency and response time, which of the following HTTP status codes can be used to identify potential problems early on? Select all that apply.

100-199
200-299

400-499 (CORRECT)
500-599 (CORRECT)

Correct! Status codes 400-499 imply client-side errors that can give an early indication of delays caused by potential problems.

Correct! Status codes 500-599 imply server-side errors that can provide an early indication of delays caused by potential problems.

3. SSL certificates ensure that the API calls coming to a specific vendor website such as Little Lemon are coming from their own website and mobile app.

True
False (CORRECT)

Correct! SSL certificates are used to encrypt data and help serve data over HTTPS instead of HTTP. Signed URLs ensure that the API calls coming to a specific vendor website such as Little Lemon are coming from their own website and mobile app.

4. Which of the following HTTP status codes suggest authentication and authorization errors while communicating data over HTTP? Select all that apply.

402 (CORRECT)
404

401 (CORRECT)

Correct! The 402 – Forbidden error is raised when the credentials are valid, but the client does not have the privilege to perform the action.

Correct! The 401 – Unauthorized error is raised when the username and password credentials do not match the records available within the server.

5. The SSL in SSL certificates, commonly known for being used in secure communications stand for:

Secure Socket Layer (CORRECT)
Security Socket Layer
Secure Secret Layer

Socket Secure Layer

Correct! Secure Socket Layers encrypt your data and generate certificates to enable communication over HTTPS.

6. In this video, you learned about best practices when it comes to REST APIs. Which one of the following is a good practice you should follow?

You should maintain several versions of your API

You should implement caching for your APIs (CORRECT)

That’s correct. Caching help your API perform better and helps to reduce the load on the server.

7. What authentication mechanism gives third parties limited access to a specific resource for a brief period of time?

Secure Socket Layer (SSL) (CORRECT)

Signed URLs
HTTP encryption of end-points
Firewall applications

That’s correct. Signed URLs give someone limited access to a specific resource for a brief period of time.

8. In this video you learned about the importance of access control when it comes to APIs. Indicate which of the following statements are true. Check all that apply.

You should make your privileges as specific as possible. (CORRECT)
A role is a collection of privileges and a privilege is whether you are allowed to do a specific task. (CORRECT)

Authentication and authorization are the same.

That’s correct. You want a role to be made up of detailed and specific privileges that suit the role so that only the right people have access to sensitive information.

That’s correct. One role can consist of only one privilege or several ones. Whereas a privilege determines whether you are authorized to perform a specific task.

MODULE QUIZ: REST APIS

1. What are the benefits of using pipenv? Choose all that apply.

It creates a virtual environment for your project (CORRECT)
It manages the dependencies (CORRECT)
It makes your project more secure

It makes your project run faster

That’s correct. Pipenv automatically creates a virtual environment and installs all the dependencies inside it.

That’s correct. Using pipenv you can manage the dependencies for your project.

2. What is the default port number used by Django webserver?

8000 (CORRECT)
443
8001

That’s correct. 8000 is the default port number used by the Django webserver when you apply this command python manage.py runserver inside a Django project directory.

3. What does the following command do?

python manage.py startapp
It creates a Django project

It creates a new Django app (CORRECT)
It installs Django

That’s correct. You can use this command inside a Django project to create a new Django app following the application name. If your app name is LittleLemonAPI, then you will have to apply this command python manage.py startapp LittleLemonAPI

4. Authentication and authorization are the same thing.

True
False (CORRECT)

That’s correct. Authentication and authorization are different things, and they play a very important role in securing your project. Authentication checks if the user can enter the system, and authorization checks if the authenticated user has the appropriate privilege to perform a task.

5. Which of the following HTTP status codes are used to indicate client-side and server-side errors? Choose all that apply.

201 – Created
301- Moved Permanently
403 – Forbidden (CORRECT)

404 Not Found (CORRECT)
503 – Service Unavailable (CORRECT)

That’s correct. This code is used when client credential like the username and password, or the token is not valid.

That’s correct. This code is used when someone requests a non-existing item.

That’s correct. This code is used when the server is down or cannot handle the request due to overloading.

6. What are the valid Accept headers for requesting XML content? Choose all that apply.

application/xml (CORRECT)

application/xml-content
code/xml
text/xml (CORRECT)

application/x-xml

That’s correct. A client can send the Accept: application/xml header to request XML content from the server.

That’s correct. This is a valid header for requesting XML content from the server.

7. What can lead to data corruption in an API project? Choose all that apply.

Lack of caching
Lack of authorization (CORRECT)
Lack of authentication (CORRECT)

Lack of throttling
Lack of data validation and sanitization (CORRECT)

That’s correct. The lack of a solid authorization layer can lead any user with a valid authentication token to access any API endpoints and they will be able to modify the data.

That’s correct. Without authentication anyone can get in and modify the data.

That’s correct. Incorrect or malformed data may be stored in the database without proper data validation. Lack of sanitization can create security threats which can also corrupt the data.

8. Which of the following statements are valid for Insomnia? Choose all that apply.

It’s a REST API Client (CORRECT)
Insomnia can send different types of payloads (CORRECT)
Insomnia has a mobile client
Insomnia has a command line tool
Insomnia is cross-platform (CORRECT)

That’s correct. You can use Insomnia to make HTTP requests.

That’s correct. While making an API call, you can send different types of payloads like JSON, Form URL Encoded Data using Insomnia.

That’s correct. You can download Insomnia for multiple operating systems like Windows, macOS and Linux.

9. Which of the following API clients/tools has both web and desktop versions?

Insomnia
Curl
Postman (CORRECT)

That’s correct. Postman comes with a desktop app and offers a web version that can be used in your browser to make API calls.

10. What is the purpose of renderer classes in DRF?

Quickly scaffold a CRUD API project
Convert serialized data to display as HTML, XML and JSON (CORRECT)
Convert model instance to native Python data types

That’s correct. DRF comes with a few built-in renderer classes to convert serialized data and display it in various formats. You can also use third-party renderers in DRF.

CONCLUSION

tbw

Previous Course

Next Week 2

Subscribe to our site

Get new content delivered directly to your inbox.

Quiztudy Top Courses

Popular in Coursera

Liking our content? Then, don’t forget to ad us to your BOOKMARKS so you can find us easily!