☁️ CLOUD ARCHITECTURE / DESIGN
26. How do you design a multi-region architecture?
Answer:
I design multi-region architectures based on business continuity requirements.
I start by defining RTO and RPO, then choose between active-active or active-passive setups. I ensure data replication, traffic routing using DNS or load balancers, and automated failover mechanisms.
The goal is to guarantee resilience while balancing cost and complexity.
27. What are the main differences between IaaS, PaaS, and SaaS?
Answer:
- IaaS provides infrastructure control
- PaaS abstracts infrastructure and focuses on application deployment
- SaaS delivers fully managed applications
I choose based on control vs agility trade-offs.
28. How do you modernize legacy applications?
Answer:
I use the 6R strategy and prioritize based on business impact.
Whenever possible, I move from monolithic to microservices or container-based architectures to improve scalability and maintainability.
29. What is a cloud-native architecture?
Answer:
It’s an architecture designed specifically for the cloud using microservices, containers, and managed services.
It focuses on scalability, resilience, and automation.
30. How do you design for scalability?
Answer:
I use horizontal scaling, stateless services, and load balancing.
I also leverage auto-scaling and event-driven patterns to handle dynamic workloads.
🔐 SECURITY
31. How do you secure APIs?
Answer:
I implement authentication (OAuth2, JWT), rate limiting, encryption, and API gateways.
I also monitor and log all access for auditing.
32. What is least privilege and why is it important?
Answer:
It means granting only the necessary permissions.
It reduces risk and limits the impact of compromised accounts.
33. How do you protect data in transit and at rest?
Answer:
Using encryption: TLS for data in transit and managed encryption services for data at rest.
34. What is a WAF and when would you use it?
Answer:
A Web Application Firewall protects against web attacks like SQL injection and XSS.
I use it in internet-facing applications.
35. How do you handle secrets management?
Answer:
Using secure vaults like Azure Key Vault, avoiding hardcoding secrets, and rotating credentials regularly.
⚙️ DEVOPS / AUTOMATION
36. What is Infrastructure as Code?
Answer:
It’s the practice of managing infrastructure using code, making deployments repeatable and consistent.
37. Why use Terraform?
Answer:
Because it’s cloud-agnostic, declarative, and supports modular, scalable infrastructure.
38. What is CI/CD?
Answer:
Continuous Integration and Continuous Deployment automate building, testing, and releasing applications.
39. How do you ensure pipeline security?
Answer:
By integrating security scans, access controls, and secret management.
40. What is blue-green deployment?
Answer:
A deployment strategy where two environments exist, reducing downtime and risk.
📊 OBSERVABILITY
41. What is observability?
Answer:
The ability to understand system behavior through metrics, logs, and traces.
42. Difference between monitoring and observability?
Answer:
Monitoring tracks known issues; observability helps discover unknown issues.
43. What tools have you used?
Answer:
Prometheus, Grafana, Azure Monitor, and Log Analytics.
44. How do you design alerting?
Answer:
Based on meaningful thresholds and business impact, avoiding alert fatigue.
45. What is distributed tracing?
Answer:
Tracking requests across multiple services to identify bottlenecks.
📡 DATA / STREAMING
46. What is event streaming?
Answer:
Continuous flow of data events processed in real time.
47. Kafka vs traditional messaging?
Answer:
Kafka is distributed and scalable; traditional messaging is simpler but less scalable.
48. What is Pub/Sub?
Answer:
A messaging pattern where publishers send messages and subscribers receive them asynchronously.
49. How do you design real-time pipelines?
Answer:
Using event-driven architecture and streaming platforms.
50. Batch vs real-time processing?
Answer:
Batch processes data periodically; real-time processes data instantly.
🌍 NETWORKING
51. What is a VPC/VNet?
Answer:
A virtual network in the cloud that isolates resources.
52. What are private endpoints?
Answer:
They allow secure access to services without exposing them to the public internet.
53. What is DNS in cloud?
Answer:
It resolves domain names to IP addresses, often used for routing.
54. What is load balancing?
Answer:
Distributing traffic across resources to improve performance and availability.
55. What is network segmentation?
Answer:
Dividing networks into smaller parts to improve security.
💰 GOVERNANCE / FINOPS
56. What is cloud governance?
Answer:
Policies and controls to manage cloud usage.
57. What is tagging?
Answer:
Labeling resources for organization and cost tracking.
58. How do you control costs?
Answer:
Monitoring, optimization, and governance policies.
59. What are reserved instances?
Answer:
Discounted pricing for long-term commitments.
60. What is cost allocation?
Answer:
Assigning cloud costs to teams or projects.
🧠 ADVANCED / ARCHITECT LEVEL
61. How do you balance cost vs performance?
Answer:
By analyzing workload requirements and choosing the right architecture.
62. How do you handle technical debt?
Answer:
By prioritizing refactoring and aligning with business goals.
63. How do you make architectural decisions?
Answer:
Based on trade-offs between cost, performance, security, and complexity.
64. How do you handle ambiguity?
Answer:
By gathering requirements and iterating solutions.
65. How do you ensure scalability in design?
Answer:
Through modular, stateless, and distributed architectures.
66. What is your approach to documentation?
Answer:
Clear, structured, and aligned with stakeholders.
67. How do you lead technical discussions?
Answer:
By simplifying complex topics and focusing on business value.
68. What is your biggest strength?
Answer:
Combining technical depth with strategic thinking.
69. What is your biggest weakness?
Answer:
Sometimes focusing too much on optimization, but I balance it with delivery speed.
70. Where do you see yourself in 5 years?
Answer:
Leading large-scale cloud transformation initiatives.
Nenhum comentário:
Postar um comentário