IT Officers Pre-Recruitment Training Session

API Development & Data Centre Operations

Duration: 1 Hour
Target Audience: IT Officer Candidates
Session Structure: 10-15 minutes concepts + 45-50 minutes MCQ practice

Part 1: Key Concepts & Introduction (10-15 minutes)

API Development Fundamentals
What is an API? Application Programming Interface (API) is a set of protocols,
routines, and tools that allows different software applications to communicate
with each other. In banking, APIs enable secure integration between core
banking systems, mobile apps, third-party services, and payment gateways.
Key API Types in Banking:
• REST APIs: Representational State Transfer - most common for web
services
• SOAP APIs: Simple Object Access Protocol - enterprise-grade with built-in
security
• GraphQL: Query language for APIs, efficient data fetching
• Open Banking APIs: Regulatory-compliant APIs for financial data sharing
API Security Essentials:
• Authentication (OAuth 2.0, JWT tokens)
• Authorization and access control
• Data encryption (TLS/SSL)
• Rate limiting and throttling
• API key management
API Development Lifecycle:
1. Design & Documentation
2. Development & Testing

Classification: Public

Classification: Internal
 3. Security Implementation
4. Deployment & Monitoring
5. Version Management & Maintenance

Data Centre Operations Fundamentals

Data Centre Components:
• Servers: Physical/virtual machines hosting applications
• Storage Systems: SAN, NAS, cloud storage solutions
• Network Infrastructure: Switches, routers, firewalls, load balancers
• Power Systems: UPS, generators, PDUs
• Cooling Systems: HVAC, precision cooling units
• Security Systems: Physical access controls, surveillance
Data Centre Tiers:
• Tier I: Basic capacity (99.671% uptime)
• Tier II: Redundant components (99.741% uptime)
• Tier III: Concurrently maintainable (99.982% uptime)
• Tier IV: Fault tolerant (99.995% uptime)
Key Operational Metrics:
• Availability: System uptime percentage
• PUE (Power Usage Effectiveness): Total facility power / IT equipment
power
• MTBF: Mean Time Between Failures
• MTTR: Mean Time To Repair
• RTO/RPO: Recovery Time/Point Objectives
Classification: Public

Classification: Internal
Banking-Specific Considerations:
• Regulatory compliance (RBI guidelines)
• Disaster recovery and business continuity
• Data sovereignty and localization
• 24/7 operations for critical banking services

Classification: Public

Classification: Internal
Practice MCQs (45-50 minutes)
API Development Questions (25 MCQs)
1. Which HTTP method is typically used to retrieve data in a RESTful API?
a) POST b) PUT c) GET d) DELETE
Answer: c) GET
2. What does JWT stand for in API authentication?
a) Java Web Token b) JSON Web Token c) JavaScript Web Token d) Just Web
Token
Answer: b) JSON Web Token
3. Which HTTP status code indicates a successful API request?
a) 404 b) 500 c) 200 d) 403
Answer: c) 200
4. In RESTful APIs, what does the acronym CRUD represent?
a) Create, Read, Update, Delete
b) Connect, Retrieve, Upload, Download
c) Copy, Remove, Undo, Duplicate
d) Configure, Run, Use, Deploy
Answer: a) Create, Read, Update, Delete
5. Which of the following is NOT a common API authentication method?
a) API Keys b) OAuth 2.0 c) Basic Authentication d) FTP Authentication
Answer: d) FTP Authentication
6. What is the primary purpose of API rate limiting?
a) To increase API speed b) To prevent abuse and ensure fair usage c) To reduce
server costs d) To improve API documentation
Answer: b) To prevent abuse and ensure fair usage
7. Which format is most commonly used for REST API data exchange?
a) XML b) CSV c) JSON d) HTML
Classification: Public

Classification: Internal
Answer: c) JSON
8. What does API versioning help achieve?
a) Faster response times b) Better security c) Backward compatibility d) Reduced
server load
Answer: c) Backward compatibility
9. Which HTTP status code indicates 'Unauthorized' access?
a) 400 b) 401 c) 403 d) 404
Answer: b) 401
10. In API development, what is the purpose of middleware?
a) To store data permanently b) To handle requests between client and server
c) To design user interfaces d) To manage databases
Answer: b) To handle requests between client and server
11. Which protocol is commonly used for real-time API communication?
a) HTTP b) FTP c) WebSocket d) SMTP
Answer: c) WebSocket
12. What is the primary benefit of using GraphQL over REST?
a) Better security b) Faster development c) Flexible data fetching d) Easier
deployment
Answer: c) Flexible data fetching
13. Which of the following is a best practice for API error handling?
a) Return generic error messages b) Expose internal system details c) Provide
meaningful error codes and messages d) Ignore client errors
Answer: c) Provide meaningful error codes and messages
14. What does CORS stand for in web API context?
a) Cross-Origin Resource Sharing b) Common Object Request System c)
Centralized Online Resource Service d) Cross-Over Request Security
Answer: a) Cross-Origin Resource Sharing

Classification: Public

Classification: Internal
15. Which testing approach is most suitable for API testing?
a) Manual testing only b) Automated testing with tools like Postman c) Visual
testing d) Performance testing only
Answer: b) Automated testing with tools like Postman
16. In RESTful design, which HTTP method is idempotent? a) POST b) PUT c)
PATCH d) All of the above
Answer: b) PUT
17. What is the purpose of API documentation?
a) Legal compliance b) Developer guidance and integration c) Marketing
purposes d) Server optimization
Answer: b) Developer guidance and integration
18. Which security measure helps prevent API abuse through excessive
requests?
a) Encryption b) Authentication c) Rate limiting d) Authorization
Answer: c) Rate limiting
19. What is the difference between authentication and authorization in APIs?
a) They are the same thing b) Authentication verifies identity, authorization
controls access c) Authorization verifies identity, authentication controls access
d) Neither is important for APIs
Answer: b) Authentication verifies identity, authorization controls access
20. Which HTTP method is typically used to update existing data in REST APIs?
a) GET b) POST c) PUT or PATCH d) DELETE
Answer: c) PUT or PATCH
21. What is API gateway primarily used for?
a) Data storage b) User interface design c) Managing API requests and routing d)
Database management
Answer: c) Managing API requests and routing

Classification: Public

Classification: Internal
22. Which of the following is a characteristic of microservices architecture?
a) Monolithic deployment b) Single database for all services c) Independent
deployment of services d) Tight coupling between components
Answer: c) Independent deployment of services
23. What does SLA stand for in API context?
a) Software License Agreement b) Service Level Agreement c) System Load
Analysis d) Security Level Assessment
Answer: b) Service Level Agreement
24. Which tool is commonly used for API documentation?
a) Swagger/OpenAPI b) Microsoft Word c) PowerPoint d) Excel
Answer: a) Swagger/OpenAPI
25. In banking APIs, what is PCI DSS compliance related to?
a) Personal data protection b) Payment card data security c) API performance
standards d) Database management
Answer: b) Payment card data security
Data Centre Operations Questions (25 MCQs)
26. What does PUE measure in data centre operations?
a) Processing Unit Efficiency b) Power Usage Effectiveness c) Performance Under
Evaluation d) Primary Utilization Effectiveness
Answer: b) Power Usage Effectiveness
27. Which data centre tier provides the highest availability?
a) Tier I b) Tier II c) Tier III d) Tier IV
Answer: d) Tier IV
28. What is the primary purpose of UPS in data centres?
a) Cooling systems b) Network connectivity c) Uninterrupted power supply d)
Data storage
Answer: c) Uninterrupted power supply

Classification: Public

Classification: Internal
29. Which cooling method is most efficient for high-density server
environments?
a) Air conditioning b) Liquid cooling c) Natural ventilation d) Fan cooling
Answer: b) Liquid cooling
30. What does MTBF stand for in data centre operations?
a) Maximum Time Before Failure b) Mean Time Between Failures c) Minimum
Time Between Functions d) Maximum Time Before Fix
Answer: b) Mean Time Between Failures
31. Which storage technology provides the fastest data access?
a) HDD (Hard Disk Drive) b) SSD (Solid State Drive) c) Tape storage d) Optical
storage
Answer: b) SSD (Solid State Drive)
32. What is the ideal temperature range for most data centre server rooms?
a) 15-20°C b) 18-27°C c) 30-35°C d) 10-15°C
Answer: b) 18-27°C
33. Which network component helps distribute incoming requests across
multiple servers?
a) Router b) Switch c) Load balancer d) Firewall
Answer: c) Load balancer
34. What does RAID 1 configuration provide?
a) Data striping b) Data mirroring c) Data compression d) Data encryption
Answer: b) Data mirroring

Classification: Public

Classification: Internal
35. Which monitoring metric indicates system availability?
a) CPU utilization b) Memory usage c) Uptime percentage d) Network bandwidth
Answer: c) Uptime percentage
36. What is the purpose of a DMZ in data centre network architecture?
a) Data storage b) Server cooling c) Network security buffer zone d) Power
distribution
Answer: c) Network security buffer zone
37. Which backup strategy involves creating copies at regular intervals?
a) Continuous backup b) Incremental backup c) Differential backup d) Full
backup
Answer: b) Incremental backup
38. What does SAN stand for in storage terminology?
a) Storage Area Network b) System Administration Network c) Secure Access
Network d) Server Application Network
Answer: a) Storage Area Network
39. Which factor is most critical for data centre location selection?
a) Proximity to shopping centers b) Natural disaster risk assessment c) Tourist
attractions nearby d) Local entertainment options
Answer: b) Natural disaster risk assessment
40. What is the primary purpose of virtualization in data centres?
a) Increase physical server count b) Optimize resource utilization c) Improve
cooling efficiency d) Reduce network complexity
Answer: b) Optimize resource utilization
41. Which protocol is commonly used for network time synchronization? a)
HTTP b) FTP c) NTP d) SMTP
Answer: c) NTP

Classification: Public

Classification: Internal
42. What does RTO represent in disaster recovery planning?
a) Real Time Operations b) Recovery Time Objective c) Restore Target
Operations d) Remote Terminal Operations
Answer: b) Recovery Time Objective
43. Which security practice involves regularly updating system software? a)
Access control b) Patch management c) Firewall configuration d) Encryption
Answer: b) Patch management
44. What is the main advantage of hot-swappable components?
a) Lower cost b) Better performance c) Replacement without system shutdown
d) Improved security
Answer: c) Replacement without system shutdown
45. Which environmental factor can significantly impact server performance?
a) Room color b) Humidity levels c) Furniture arrangement d) Window size
Answer: b) Humidity levels
46. What does CDN stand for in data centre context?
a) Central Data Network b) Content Delivery Network c) Core Distribution
Network d) Computer Data Network
Answer: b) Content Delivery Network
47. Which monitoring approach provides real-time system status?
a) Monthly reports b) Annual audits c) Continuous monitoring d) Quarterly
reviews
Answer: c) Continuous monitoring
48. What is the purpose of raised flooring in data centres?
a) Aesthetic appeal b) Cable management and airflow c) Sound insulation d)
Water drainage
Answer: b) Cable management and airflow

Classification: Public

Classification: Internal
49. Which backup location strategy provides the best disaster recovery?
a) Same building b) Same city c) Geographically distant location d) Same server
room
Answer: c) Geographically distant location
50. What does colocation mean in data centre services?
a) Sharing server resources b) Renting space for customer equipment c) Cloud
computing services d) Network connectivity only
Answer: b) Renting space for customer equipment

Classification: Public

Classification: Internal
Session Summary & Key Takeaways
API Development:
• Focus on security, scalability, and proper documentation
• RESTful principles and HTTP status codes are fundamental
• Authentication and authorization are critical for banking APIs
• Version management ensures backward compatibility
Data Centre Operations:
• High availability and redundancy are essential for banking operations
• Monitoring and maintenance prevent costly downtime
• Environmental controls (power, cooling) are crucial for equipment
longevity
• Disaster recovery planning is mandatory for business continuity
Exam Preparation Tips:
• Review RBI guidelines for IT governance in banks
• Understand both theoretical concepts and practical implementations
• Practice time management during the actual exam
• Focus on banking-specific scenarios and compliance requirements
Next Steps:
• Review incorrect answers and understand the reasoning
• Practice additional mock tests
• Study official documentation for technologies mentioned
• Stay updated with current banking technology trends

Classification: Public

Classification: Internal