Mendix (Intermediate and Advanced) pt 1

Compilado de questões dos Learning Paths de nivel intermediário e avançado.

Iago Ramos

06/03/2023

Which security level must be active to deploy an application to the test environment of a licensed node in the Mendix cloud?

None

Prototype/demo Security

App Security

Production security

What effect does security have on the navigation of the application?

The visibility of menu items is not affected by security

With security enabled, only administrators can see menu items

The visibility of menu items is affected by entity security

The visibility of menu items is affected by Page and Microflow security

Why can you define security settings on both project and module level?

It makes it easy to reuse modules.

It makes the application more secure.

It is a W3C standard to separate project and module security.

It allows for a better overview.

A user role must have one or more module roles in every module

True

False

Which is NOT a level of app security?

Test

Prototype/demo

Production

Off

When should you configure security in your app development?

When deploying to production

As soon as possible

When the security user story is complete

Just before user testing

Entity access is set at which security level?

Association

Module

Application

Microflow

What is the name for app level security profiles?

User roles

Administration roles

Profile roles

Security roles

Does Mendix allow anonymous users?

True

False

Consider a situation in which there is an entity called Request with an attribute status that has three values: Draft, Submitted, and Approved. There are three user roles: Administrator, Customer, and Employee. The Customer user role is granted the Customer module role. The only access rule configured is read/write access for the Customer with the XPath [Status = Draft] applied. What would a user with the Customer user role see on a page with a data grid without any additional XPath constraints?

All the requests in the Draft status.

All the requests.

No results would be returned.

All the results, but read-only access for non-draft requests.

Consider the exact same situation as the previous question. What would Admin users see?

No results would be returned.

All the results, but read-only for non-draft requests.

All requests in the Draft status.

All the requests.

Consider the same situation again. What would happen if you granted Admin users access to a page with the Request entity in Studio Pro?

Admin users would see an error pop-up window when attempting to access the page.

Users would see no error message, but Security errors would appear in the logs.

Admin users would be able to view the page.

Studio Pro would detect an error and prevent a deployment.

How does the platform use entity access XPaths to enforce security?

The XPaths are added to all the relevant database retrieves.

The user's browser translates the XPaths to show or hide action buttons.

All of these answer options are correct.

The business server interprets the XPaths to prevent sensitive data from entering the system memory.

Where are entity access restrictions applied?

On every microflow.

On every page.

All of these answer options are correct.

On relevant database retrieves.

Which of the following best describes how the Mendix platform applies entity access?

The platform assumes access is granted until it is explicitly removed.

The platform grants read access to all attributes, but write access must be explicitly specified.

The platform grants read/write access to all Admin users.

The platform only grants the access explicitly defined in the entity access rules.

In this domain model, assume that House is a specialization of Building:

Since House is a specialization of Building, an Admin will be able to read and write the SquareFoot in data views containing both Buildings and Houses.

Admin users will never be able to write to the SquareFoot attribute, but they will be able to write to the Bedrooms attribute.

Admin users will be able to read the SquareFoot attribute in data views for Buildings and read and write in data views for Houses.

Referring to the same domain model as was used in previous question, if we create a page with a data grid containing Houses and autogenerate a House_NewEdit page, which of the following statements is FALSE for an Admin user?

Admin users will not be able to create new Houses or delete existing Houses using the default buttons in the control bar of the data grid.

Admin users will be able to read the SquareFoot attribute.

Admin users will be able to edit the SquareFoot attribute.

Admin users will not see the SquareFoot attribute in the Edit page.

Why is it more secure to add security rules on the entity level?

Entity level restrictions are applied at the database level and are thus automatically applied throughout the application.

Entity level restrictions affect what the end-users will see.

Users will not see entities to which they have no access.

Entity level security secures each entity throughout the application.

For the following questions, assume there is an app with three user roles: Administrator, Teacher, and Student. Administrators are granted the ability to manage all user roles, and Teachers can manage users with the Student role. Which of the following statements is false?

Teachers and administrators are able to edit the details of student accounts.

Administrators will be able to create and delete accounts for all students and teachers.

Administrators and teachers can create teacher accounts.

Administrators are able to create other administrator accounts.

Let's say you want Teachers to be able to manage accounts for Students, but only the Students who are in their class. So, you grant Teachers the ability to manage users with the Student role in the app security menu. Will this be sufficient?

No, because only Admins should have the ability to edit accounts.

No, because teachers will have the ability to edit the accounts of any Student, not just their own.

Yes, because Accounts are a specialization of the User entity.

Yes, because now Teachers can edit the account details of the Students.

What is a benefit of assigning only one user role to each user?

It is inherently more secure.

Simplicity

It requires users to create a new account if they need to change roles.

Better representation of business specific processes.

The value 1.23 could be stored in an attribute of the type:

Integer

Long

Real

Decimal

The attribute type Enumeration is used to store:

Automatically generated positive or negative whole number

A list of predefined values

A whole number that can only be positive

A positive or negative number

A connection between two entities in Mendix is called:

An association

An attribute

A relationship

An intersection

Which name should you use for an entity representing a maintenance report?

MaintenanceReport

Maintenance_Report

Maintenance-Report

Maintenance Report

Where do you configure validation rules?

In the entity properties

At app level

In the validation overview of the module

In the association properties

What do validation rules apply to?

Entities

Attributes and associations

Associations

Attributes

What would be a best practice when deleting a Location? On delete of ‘Location’ object:

Delete ‘Location’ objects only if it is not associated with ‘TrainingEvent’ objects

Keep ‘TrainingEvent’ objects

Delete ‘TrainingEvent’ objects

When deleting a Trainee, you want all the Registrations of this Trainee to be deleted as well. What is that delete behavior called?

Cascading delete

Delete associated objects

Prevention of delete

Automatic delete

Which technique does Mendix use to convert data between the runtime and the database?

Object Relational Mapping

Object Retrieval Mechanism

Extract Transform Load

Common Object Request Broker Architecture

Which of the following is supported by persistent and non-persistent entities?

Event handlers

Indexes

Validation

Database queries

How does Mendix implement inheritance?

Class Table Inheritance

Single Table Inheritance

Object Relational Mapping

ActiveRecord

How does Mendix store associations?

In entities

Foreign key constraints

Depending on the relationship

In link tables exclusively

Which of the following can NOT be configured in the properties of an entity?

Image

Persistability

Indexes

Sort order

What is another way of calling an association?

Dependence

Link

Reference

Arrow

How many associations can you add between two entities?

Two associations, one from each entity.

Multiple One-to-One associations.

Only one association.

Many associations of various multiplicity.

What is a good reason to choose to use an Information Entity instead of multiple associations?

You want clear Entity names.

You want to display additional information about an association.

You want to optimize the app’s performance.

You want it to be clear that only one object can have a specific qualification.

Which of the event handlers does always need to return a boolean return value?

The before commit.

The after create.

Both the before commit and after create.

Not the before commit and after create.

Where do you define the "persistable" property of an entity?

In the domain model

In the widget property

In the Microflow

In the page property

For which of the following entity types does Mendix create a database table?

For both persistable and non-persistable

For persistable entity

For none of them

For non-persistable entity

What happens on commit of a non-persistable entity?

Current attribute values and association values are stored in memory.

Current attributes and association values are stored in the database.

Current attributes are stored in the database and associations are stored in memory.

It's not possible to commit a non-persistable entity

What would be a good situation to use a calculated attribute?

When a value changes more often than it is viewed

It is generally preferable to use a calculated attribute

You should avoid using calculated attributes at all costs

When a value is viewed more often than it changes

When connecting 2 entities of 2 different modules how do we typically call that association?

Cross-functional association

Cross-reference association

Bi-module association

Cross-module association

You connected two entities by a cross-module association. You want Studio Pro to take you to the associated entity in the other module - which option do you need to choose when you right click the association?

Go to the associated entity

Go to the other domain model

Go to the other module

Go to the other side

Which of the following options list system members that can be stored as indicated in the properties of an entity?

Created Date, Modified Date, Creator, ModifiedBy

Created Date, Changed Date, Owner, ChangedBy

Created Date, Shifted Date, Originator, ModifiedBy

Created Date, Altered Date, Initiator, ChangedBy

Which of the following terms is used to indicate a user that created the object of the given entity?

Owner

Initiator

Creator

Originator

Inheritance is used to:

Reuse attributes of an entity on other entities, so that you don’t need to add and maintain them multiple times.

Inherit the history of an entity.

Keep your domain model maintainable by inheriting the attributes and associations.

Inherit the structure and behavior of an entity, so that all specializations can be used individually within the same process.

What is the result of generalizing the Player entity by the Person entity?

A single table containing the Player and Person attributes

A single link table to store the ID’s of inherited objects

Two tables, one per entity

Three tables, one per entity plus a join table

What will happen to the ID’s after generalizing the Player and Staff entities by the Person entity?

The ID of the Person part of a Player or Staff will differ from the specialization part.

The ID’s of Player and Staff will keep their own set and sequence and will equal the ID in the Person table.

Same set and sequence for Player and Staff, the ID of person will differ.

There are no changes to the ID’s when inheriting.

Which statement is correct?

A 1-1 association is an IS and inheritance is an HAS type of relation.

A 1-1 association is a HAS and inheritance is an IS type of relation.

A 1-1 association and inheritance are both an IS type of relation.

A 1-1 association and inheritance are both an HAS type of relation.

Why is it a best practice to create a specialization of the FileDocument and Image entities?

Otherwise you cannot store a file on an Amazon server.

It is a UML standard.

It is visually a better representation of the use case.

It allows for better security and property configuration based on purpose.

What is the default value of the attribute DeleteAfterDownload?

True

False

Where are the file(s) or image(s) stored by default?

On the file server located on the application server

On the local drive of the user

As binary in the contents of an attribute

On a dedicated Amazon file server

When it is better to place Indexes?

If there are more Read than Write actions.

If a user starts complaining.

If there are more Write than Read actions.

If you expect it might improve performance.

What happens when you apply an index?

The speed of Read actions will increase.

The speed of Read actions will decrease.

The speed of Write actions will increase.

The speed of Update and Inserts will increase.

The app performance is affected by a reference set (both) because:

You cannot store additional information in a reference set (both).

Both entities needs to be joined with the reference table and data transfer increases.

There is no impact on performance, this depends only on how the association is queried.

The join table must be queried as well.

What type of domain model changes can have an impact on the data in the database?

Type changes and Structural changes

Domain model changes and Type changes

Module changes and Project changes

Structural changes and Project changes

Why is it a best practice to redeploy your app after cleaning up the model?

Obsolete data in the database cannot have security applied and thus creates a security breach.

It is not considered a best practice; only junior developers benefit from it.

You might be confronted with unexpected and/or complex sync behavior during a next deployment.

It has always been done this way. Legacy support.

When localize is set to No, the date displayed in the client is based on the:

UTC value

App time zone

Client time zone

User time zone

Localizing a DateTime attribute has an effect on:

Both client and application server

Client representation

Application server handling

Neither client nor application server

If both the App and User time zones are set, the value of the localized DateTime attribute displayed in the client depends on:

The UTC value

The App time zone

The User time zone

The Client time zone

Jane in the Amsterdam time zone [UTC +2] selects 07/11/2020 in a date picker for a non-localized attribute. What will be the value stored in the database?

07/11/2020 02:00 AM

07/11/2020 12:00 AM

07/10/2020 10:00 PM

07/11/2020 12:00 PM

Nick in the Amsterdam time zone [UTC +2] selects 07/11/2020 in a date picker for a non-localized attribute. What will be the date value if Nick converts it to a string in a microflow using formatDateTime?

07/11/2020 12:00 AM

07/10/2020 10:00 PM

07/11/2020 12:00 PM

07/11/2020 02:00 AM

You can create a new app from the Mendix Developer Portal.

False

True

If a Scrum team gets stuck, because of things that are out of their control, who is responsible to remove those impediments?

The Product Owner

The Project Manager

The Development Team

Scrum Master

How many default App Team roles are there?

A critical success factor for companies working with Mendix is:

Knowing object- oriented programming

Implementing the waterfall project management approach

Working individually on projects depending on expertise

Working in small cross-functional teams

What are microflows?

Small development processes

A data model of the app

A way to describe the whole application process flow

The custom logic of a Mendix application

What are three microflow components?

Decision table, Exclusive merge, End event

Activity, End event, Parameter

Activity, Decision table, Parameter

Activity, End event, Decision table

How many start events can a microflow have?

One

This depends on the trigger of the microflow

Unlimited

This depends on the number of input parameters

Microflows can be triggered by:

Entity event, Action button, Widget event

Widget event, Action button, Default button

Default button, Navigation layout, Widget event

Entity event, Action button, Default button

What does nested data accomplish?

It is not necessary, but shows other developers that the inner data is unique.

It prevents the inner data from being edited by the wrong people.

It constrains the data in one widget in the context of the other.

It allows access to many-to-many associations.

How do you nest data?

By configuring the data source of a list view to use the correct security rule.

By placing a list view inside a tab container.

By placing a data view within a list view.

By placing a list view within a data view.

In the retrieve action, when do you use the option “by association”?

When you want to retrieve the associated object from memory.

When you want to retrieve the association of an object.

Only when you want to retrieve an associated list.

Always when you want to retrieve an associated object.

Which statement is true?

Microflow expressions are used to change, check, and extract data from available values.

Microflow expressions are used to document the microflow actions.

Microflow expressions are used to express the flow of a microflow.

Microflow expressions are used to define a query to the database.

Which activity is used to change the value of an attribute?

Change object

Change variable

Change attribute

Change value

Within the expression addDays(Date and time, Integer/Long), what does 'Date and time' represent?

Data type

Token

Function

Variable

Which keyboard shortcut provides you with a set of available variables, functions and tokens within the expression editor?

Shift+Space

Alt+Space

Ctrl+Space

Tab+Space

Which members of an object available in a microflow are considered to be in the scope of that microflow?

Attributes and all entities accessible via association

Associations of the entity

Attributes and associations of the entity

Attributes of the entity

You would like to add 2 new attributes to an entity. Attribute A will be changed more often than viewed and attribute B will be viewed more often than changed. Which types should they be?

A - calculated, B – stored

Both stored

A – stored, B – calculated

Both calculated

If a microflow encounters an error, what happens to data that was changed earlier in the flow?

It is locked until the microflow reruns successfully

It is deleted

It is committed

It is rolled back

Which of the following is NOT an element of a microflow?

Parameter

Merge

Decision Flow

End Event

You can only have one end point in a microflow.

False

True

What is the correct naming format of a microflow?

{Entity}_{Operation}

{Entity}_{Description}

Standard IT naming conventions

{Prefix}_{Entity}_{Operation}

Which activity allows a rule to be used?

Change variable

Validation feedback

Decision

Merge

What is the easiest way to collect feedback from users from within your app?

Feedback functionality is automatically included in all Mendix apps.

Use the Feedback widget.

Make a page that allows users to write and submit feedback.

Provide a Contact Us link in your app.

Where is page access configured?

Within pages

App Security

Module Security

The domain model

What would be a reasonable validation rule to use for AllowedNumberOfVisitorsPerDay?

Maximum length: 20

Range <= 1000

Unique

Regular Expression: numeric characters only

How can you easily manage accounts for your app?

Edit the database manually

Connect navigation to the built-in Account_Overview page

Make login and account management pages.

Always log in as a superuser.

Is it possible limit an entity to only one object?

Yes, through a Microflow

No, this is not possible

Yes, through the Module Security

Yes, through the Entity Properties

What is a limitation of a sub-microflow compared to a regular microflow?

A sub-microflow may only return a Boolean.

You have a smaller selection of activities.

Branching is not possible.

None. Sub-microflows are equally capable.

What main benefit do sub-microflows offer?

Better maintainability

Improved performance

Increased logical capability

Smaller memory usage

If you want to leave notes for future developers (or yourself) in a microflow, what can you use?

Captions

Sticky notes

Comments

Annotations

What is a limitation of a rule compared to a microflow?

A rule may only return a Boolean.

Branching is not possible.

You have a smaller selection of activities.

None. Rules are equally capable.

You’ve replaced a microflow with newer functionality and want to test it. However, you don’t want to delete the old microflow permanently in case something goes wrong. How can you do this?

Exclude it from the project.

Rename it.

Deactivate it.

Soft delete to the recycle bin and restore later.

How can you allow users to access parts of an app (like a login page) without needing to log in?

Set up anonymous users.

Set up trial users.

Relax security for whichever pages need to be accessed.

Set account security accordingly.

In a microflow, what is a token?

A system-generated value.

A hash string used in user account validation.

A placeholder variable defined by the developer.

A value determining how many sub-microflows may be called in the current microflow.

In a microflow expression, “toUpperCase” is an example of what?

A function

A cast

An operation

A string transform

In a microflow, what would be an example of a variable?

formatDateTime

Empty

Round

$Customer

100

You need to debug a microflow in production but don’t want to impact your users. How can you trigger debugging only when you personally are running the microflow?

Adjust security accordingly.

Write a microflow expression.

Add a decision to the microflow.

Set a breakpoint condition.