MindIQ Academy

11 - Full Mock Exam Revision Guide

A comprehensive revision guide covering the top Spring Professional concepts, common exam traps, interview questions, and last-minute cheat sheets for Spring Professional Certification candidates. Covers Spring Framework 6 and Spring Boot 3 concepts.


Table of Contents

  1. Top 100 Spring Professional Concepts
  2. Common Mistakes
  3. Interview Questions
  4. Exam Traps
  5. One-Page Cheat Sheet
  6. Last-Minute Revision Notes

1. Top 100 Spring Professional Concepts

No.ConceptRevision Note
1Inversion of ControlObjects receive dependencies instead of creating them directly.
2Dependency InjectionSpring injects required collaborators through constructor, setter, or field injection.
3Constructor InjectionPreferred for mandatory dependencies and immutability.
4Setter InjectionUseful for optional dependencies.
5Field InjectionConcise but harder to test and not preferred.
6BeanAn object managed by the Spring IoC container.
7ApplicationContextCentral Spring container that manages beans, configuration, events, resources, and environment.
8BeanFactoryBasic container; ApplicationContext is the richer commonly used container.
9Bean DefinitionMetadata used by Spring to create and configure a bean.
10Component ScanningAutomatically detects classes annotated with stereotypes such as @Component.
11@ComponentGeneric stereotype for Spring-managed classes.
12@ServiceService-layer stereotype; semantically indicates business logic.
13@RepositoryPersistence-layer stereotype; enables exception translation.
14@ControllerMVC controller stereotype.
15@RestControllerCombines @Controller and @ResponseBody.
16@ConfigurationDeclares Java-based Spring configuration.
17@BeanDeclares a bean from a method inside a configuration class.
18Bean ScopeDefines bean lifecycle and instance reuse.
19Singleton ScopeOne bean instance per Spring container; default scope.
20Prototype ScopeNew bean instance each time requested from the container.
21Request ScopeOne bean instance per HTTP request.
22Session ScopeOne bean instance per HTTP session.
23Bean LifecycleCreation, dependency injection, initialization, use, and destruction.
24@PostConstructRuns after dependency injection.
25@PreDestroyRuns before bean destruction for singleton beans.
26BeanPostProcessorHook to modify beans before and after initialization.
27ProfilesActivate environment-specific beans and configuration.
28@ProfileRegisters a bean only when specific profiles are active.
29Externalized ConfigurationUses properties, YAML, environment variables, and command-line arguments.
30@ValueInjects individual property values.
31@ConfigurationPropertiesBinds grouped configuration into typed objects.
32EnvironmentAbstraction over profiles and property sources.
33Property Source OrderDetermines which configuration value wins when duplicate keys exist.
34Auto-ConfigurationSpring Boot configures beans based on classpath, properties, and existing beans.
35@SpringBootApplicationCombines @SpringBootConfiguration, @EnableAutoConfiguration, and @ComponentScan.
36Starter DependenciesCurated dependency sets for common Spring Boot features.
37Conditional BeansBeans created only when conditions match, such as @ConditionalOnMissingBean.
38ActuatorProduction-ready monitoring and management endpoints.
39Health EndpointReports application and dependency health.
40MetricsRuntime measurements exposed through Micrometer and Actuator.
41AOPSeparates cross-cutting concerns such as transactions, logging, and security.
42AspectModule containing cross-cutting logic.
43AdviceAction taken at a join point, such as before or after method execution.
44PointcutExpression selecting join points.
45Join PointA point during program execution, usually method execution in Spring AOP.
46ProxyObject that wraps a target to apply additional behavior.
47JDK Dynamic ProxyInterface-based proxy.
48CGLIB ProxyClass-based proxy.
49Self-InvocationCalling another method in the same class bypasses Spring proxy advice.
50@TransactionalDeclares transactional boundaries.
51Transaction PropagationDefines how a method participates in existing transactions.
52REQUIREDJoins existing transaction or creates a new one.
53REQUIRES_NEWSuspends existing transaction and starts a new one.
54NESTEDUses a savepoint inside an existing transaction.
55Transaction IsolationControls visibility of concurrent transaction changes.
56Rollback RulesRuntime exceptions and errors roll back by default.
57Checked Exception RollbackRequires rollbackFor.
58Read-Only TransactionHint for read operations and ORM optimization.
59PlatformTransactionManagerSpring abstraction for transaction management.
60Spring MVCWeb framework based on DispatcherServlet and controllers.
61DispatcherServletFront controller for Spring MVC requests.
62HandlerMappingMaps requests to handlers.
63HandlerAdapterInvokes mapped handlers.
64ViewResolverResolves logical view names to actual views.
65@RequestMappingMaps HTTP requests to controller methods.
66@GetMappingShortcut for GET request mapping.
67@PostMappingShortcut for POST request mapping.
68@RequestParamBinds query parameters or form parameters.
69@PathVariableBinds URI template variables.
70@RequestBodyBinds HTTP request body to an object.
71@ResponseBodyWrites return value directly to HTTP response body.
72ValidationUses Bean Validation annotations such as @NotNull and @Size.
73@ValidTriggers validation on method parameters.
74Exception HandlingUses @ExceptionHandler and @ControllerAdvice.
75RESTResource-oriented HTTP API style.
76HTTP Status CodesCommunicate request outcome, such as 200, 201, 400, 404, and 500.
77Spring JDBCSimplifies JDBC with JdbcTemplate.
78JdbcTemplateHandles connection management, statements, and result mapping.
79Spring Data JPARepository abstraction over JPA.
80Repository InterfaceProvides CRUD and query methods.
81Derived Query MethodQuery generated from method name.
82@QueryDeclares custom JPQL or native SQL.
83EntityJPA-mapped domain object.
84EntityManagerJPA interface for persistence context operations.
85Persistence ContextFirst-level cache and entity state manager.
86Lazy LoadingLoads associations on demand.
87Eager LoadingLoads associations immediately.
88N+1 Query ProblemOne query loads parents, then many queries load children.
89Spring SecurityAuthentication, authorization, and protection framework.
90AuthenticationVerifies user identity.
91AuthorizationDetermines what an authenticated user can access.
92SecurityFilterChainDefines web security filters and authorization rules.
93PasswordEncoderHashes and verifies passwords.
94CSRF ProtectionProtects browser-based state-changing requests.
95Testing SupportSpring provides integration testing with @SpringBootTest.
96Test SlicesNarrow tests such as @WebMvcTest, @DataJpaTest, and @JsonTest.
97MockMvcTests Spring MVC without starting a real server.
98@MockBeanReplaces a bean in the Spring test context with a mock.
99Application EventsPublish and listen to events inside the application context.
100Resource AbstractionAccess files, classpath resources, URLs, and servlet resources uniformly.

2. Common Mistakes

MistakeWhy It Is WrongCorrect Approach
Using field injection everywhereMakes dependencies hidden and testing harder.Prefer constructor injection.
Assuming @Autowired is required on one constructorSince Spring 4.3, a single constructor is autowired automatically.Omit @Autowired for a single constructor.
Putting business logic in controllersMixes web and business layers.Keep controllers thin and use services.
Using @Component instead of specific stereotypes everywhereLoses semantic clarity.Use @Service, @Repository, and @Controller where appropriate.
Forgetting that singleton beans are sharedMutable state can leak between requests.Keep singleton beans stateless or synchronize state carefully.
Injecting prototype into singleton and expecting new instance each callThe prototype is resolved once when singleton is created.Use ObjectProvider, lookup method injection, or scoped proxy.
Expecting @Transactional on private methods to workSpring proxies cannot intercept private method calls.Put transactions on public service methods.
Calling a transactional method from the same classSelf-invocation bypasses the proxy.Move the method to another bean or call through the proxy.
Expecting checked exceptions to roll back automaticallySpring commits by default for checked exceptions.Use rollbackFor.
Catching and swallowing transactional exceptionsSpring sees normal completion and commits.Rethrow or mark rollback-only intentionally.
Using REQUIRES_NEW without understanding connection usageIt may need another database connection.Use only for truly independent transactions.
Assuming readOnly = true always prevents writesIt is often an optimization hint, not a security rule.Enforce write restrictions in logic and permissions.
Using high isolation everywhereReduces concurrency and can cause blocking.Use the database default unless stronger consistency is needed.
Returning JPA entities directly from APIsCan expose internals and trigger lazy loading issues.Use DTOs for API responses.
Ignoring N+1 queriesCauses poor performance under load.Use fetch joins, entity graphs, or DTO queries.
Using @SpringBootTest for all testsLoads full context and slows test suite.Use test slices when possible.
Mocking everything in integration testsReduces confidence in Spring wiring.Mock only external boundaries when needed.
Disabling CSRF without reasonWeakens browser security.Disable only for stateless APIs or when appropriate.
Storing plain-text passwordsSevere security risk.Use PasswordEncoder.
Exposing all Actuator endpoints publiclyCan leak sensitive operational data.Secure and limit exposed endpoints.

3. Interview Questions

Core Container

  1. What is the difference between IoC and Dependency Injection?
  2. What is a Spring bean?
  3. What is the role of ApplicationContext?
  4. How is ApplicationContext different from BeanFactory?
  5. What are the common bean scopes?
  6. What is the default bean scope?
  7. What happens when a prototype bean is injected into a singleton bean?
  8. What is component scanning?
  9. What is the difference between @Component, @Service, and @Repository?
  10. What is the purpose of @Configuration?
  11. What is the difference between @Bean and @Component?
  12. What is a BeanPostProcessor?
  13. What are @PostConstruct and @PreDestroy used for?
  14. What is constructor injection and why is it preferred?
  15. How does Spring resolve multiple beans of the same type?

Configuration and Boot

  1. What does @SpringBootApplication include?
  2. What is auto-configuration?
  3. How does Spring Boot decide which auto-configuration to apply?
  4. What are starter dependencies?
  5. What is the purpose of application.properties or application.yml?
  6. What is the difference between @Value and @ConfigurationProperties?
  7. What are profiles?
  8. How do you activate a Spring profile?
  9. What is conditional configuration?
  10. How can you override default Spring Boot configuration?

AOP and Transactions

  1. What is AOP?
  2. What is an aspect?
  3. What is advice?
  4. What is a pointcut?
  5. What is a join point in Spring AOP?
  6. What is the difference between JDK dynamic proxies and CGLIB proxies?
  7. Why does self-invocation bypass AOP?
  8. What does @Transactional do?
  9. What is the default transaction propagation?
  10. What is the difference between REQUIRED and REQUIRES_NEW?
  11. What is the difference between NESTED and REQUIRES_NEW?
  12. Which exceptions cause rollback by default?
  13. How do you roll back for checked exceptions?
  14. What is transaction isolation?
  15. What is the purpose of PlatformTransactionManager?

Web and REST

  1. What is the DispatcherServlet?
  2. What is the flow of a Spring MVC request?
  3. What is the difference between @Controller and @RestController?
  4. What is the difference between @RequestParam and @PathVariable?
  5. What does @RequestBody do?
  6. What does @ResponseBody do?
  7. How do you validate request data?
  8. How do you handle exceptions globally?
  9. What is ResponseEntity used for?
  10. Which HTTP status code should be returned after successful creation?

Data Access

  1. What is JdbcTemplate?
  2. How does Spring translate persistence exceptions?
  3. What is Spring Data JPA?
  4. What is a repository interface?
  5. What are derived query methods?
  6. What is the purpose of @Query?
  7. What is the persistence context?
  8. What is the first-level cache?
  9. What is lazy loading?
  10. What causes LazyInitializationException?
  11. What is the N+1 query problem?
  12. How can N+1 queries be avoided?
  13. What is optimistic locking?
  14. What is pessimistic locking?
  15. What is the difference between JPQL and native SQL?

Security

  1. What is Spring Security?
  2. What is authentication?
  3. What is authorization?
  4. What is SecurityFilterChain?
  5. What is the role of UserDetailsService?
  6. What is PasswordEncoder?
  7. Why should passwords not be stored in plain text?
  8. What is CSRF?
  9. When can CSRF be disabled?
  10. How do method security annotations work?

Testing and Operations

  1. What is @SpringBootTest?
  2. What is a test slice?
  3. What is @WebMvcTest?
  4. What is @DataJpaTest?
  5. What is MockMvc?
  6. What is @MockBean used for?
  7. How do you test transactional behavior?
  8. What is Spring Boot Actuator?
  9. What is the health endpoint?
  10. What are metrics used for?

Scenario Questions

  1. A transactional method is not rolling back. What would you check?
  2. A bean is not being discovered. What would you check?
  3. Two beans of the same type exist. How can you resolve injection ambiguity?
  4. A test is slow. How can you improve it?
  5. An API returns lazy loading errors. How would you fix it?
  6. An audit log must be saved even if the main transaction rolls back. Which propagation should you use?
  7. A report query should not run inside a transaction. Which propagation can you use?
  8. A read API is slow due to many queries. What would you investigate?
  9. A production app exposes too much Actuator data. What should be changed?
  10. A controller has too much logic. How should it be refactored?
  11. An endpoint accepts invalid payloads. How should validation be added?
  12. A password login implementation compares raw strings. What is wrong?
  13. A checked exception occurs but data is committed. Why?
  14. A method annotated with @Transactional is called from the same class. What happens?
  15. Which Spring features are implemented using proxies?

4. Exam Traps

TrapCorrect Answer
@Transactional works on self-invocationFalse. Proxy advice is bypassed.
Checked exceptions roll back by defaultFalse. Use rollbackFor.
@Service adds special transactional behaviorFalse. It is mainly a stereotype.
@Repository only marks a DAOIt also participates in persistence exception translation.
Singleton means one instance per JVMNot exactly. It is one instance per Spring container.
Prototype beans are destroyed automatically like singletonsFalse. Spring does not manage full destruction lifecycle for prototypes.
@SpringBootApplication scans the whole classpathFalse. It scans from its package downward by default.
@Bean methods can only create application classesFalse. They can create third-party objects too.
@RestController returns view namesFalse. It writes response bodies by default.
@RequestParam and @PathVariable are the sameFalse. Query/form parameter vs URI template variable.
@RequestBody binds query parametersFalse. It binds the HTTP body.
readOnly = true always blocks writesFalse. It is commonly a hint or optimization.
REQUIRES_NEW joins the current transactionFalse. It suspends the current transaction and starts another.
NESTED commits independentlyFalse. It uses a savepoint and depends on the outer commit.
READ_COMMITTED prevents phantom readsFalse. It prevents dirty reads.
SERIALIZABLE gives best performanceFalse. It gives strongest isolation but usually lowest concurrency.
@WebMvcTest loads the full applicationFalse. It loads MVC-related components.
@DataJpaTest is for controller testingFalse. It is for JPA-related tests.
Spring Security only handles login pagesFalse. It handles authentication, authorization, filters, CSRF, headers, and more.
Actuator endpoints should all be publicFalse. Sensitive endpoints must be secured.

5. One-Page Cheat Sheet

Core Annotations

AnnotationPurpose
@ComponentGeneric Spring bean.
@ServiceService-layer bean.
@RepositoryPersistence bean with exception translation.
@ControllerMVC controller.
@RestControllerREST controller returning response bodies.
@ConfigurationJava configuration class.
@BeanBean-producing method.
@AutowiredDependency injection.
@QualifierSelects a specific bean.
@PrimaryPreferred bean when multiple candidates exist.
@ProfileProfile-specific bean registration.
@ValueInjects a property value.
@ConfigurationPropertiesType-safe grouped property binding.

Spring Boot

FeatureKey Point
@SpringBootApplicationConfiguration, auto-configuration, and component scan.
Auto-configurationBased on classpath, properties, and existing beans.
StartersDependency bundles for common capabilities.
ActuatorHealth, metrics, info, and management endpoints.
ProfilesEnvironment-specific configuration.

Transactions

TopicKey Point
Default propagationREQUIRED
Default isolationDEFAULT
Default rollbackRuntimeException and Error
Checked rollbackUse rollbackFor
Independent transactionREQUIRES_NEW
Savepoint transactionNESTED
Read optimization@Transactional(readOnly = true)
Main abstractionPlatformTransactionManager

Propagation

PropagationMeaning
REQUIREDJoin or create transaction.
REQUIRES_NEWSuspend current and create new transaction.
SUPPORTSJoin if present, otherwise no transaction.
MANDATORYMust have existing transaction.
NOT_SUPPORTEDSuspend current and run without transaction.
NEVERFail if transaction exists.
NESTEDSavepoint inside existing transaction.

Isolation

IsolationPrevents
READ_UNCOMMITTEDNothing significant.
READ_COMMITTEDDirty reads.
REPEATABLE_READDirty and non-repeatable reads.
SERIALIZABLEDirty, non-repeatable, and phantom reads.

MVC and REST

Annotation/ClassPurpose
DispatcherServletFront controller.
@RequestMappingGeneral request mapping.
@GetMappingGET mapping.
@PostMappingPOST mapping.
@RequestParamQuery/form parameter.
@PathVariableURI path variable.
@RequestBodyRequest body to object.
@ResponseBodyReturn object as response body.
ResponseEntityResponse body, headers, and status.
@ControllerAdviceGlobal controller advice.
@ExceptionHandlerException-specific handler.

Data

TopicKey Point
JdbcTemplateSimplifies JDBC resource handling.
Spring Data JPARepository abstraction for JPA.
Derived queriesBuilt from repository method names.
Persistence contextTracks managed entities.
Lazy loadingLoads associations when accessed.
N+1 problemMany extra queries for associations.
DTO projectionEfficient read model for APIs.

Security

TopicKey Point
AuthenticationWho the user is.
AuthorizationWhat the user can access.
SecurityFilterChainDefines filter-based security.
PasswordEncoderHashes and verifies passwords.
CSRFProtects browser-based state-changing requests.
Method securitySecures service methods.

Testing

Annotation/ToolPurpose
@SpringBootTestFull application context test.
@WebMvcTestMVC slice test.
@DataJpaTestJPA slice test.
MockMvcMVC testing without real server.
@MockBeanReplaces Spring bean with mock.

6. Last-Minute Revision Notes

Must-Remember Defaults

TopicDefault
Bean scopeSingleton
Transaction propagationREQUIRED
Transaction isolationDatabase default through Isolation.DEFAULT
Transaction rollbackRuntime exceptions and errors
Spring Boot scan packagePackage of main application class and subpackages
@RestController behaviorReturns response body
@SpringBootTest behaviorLoads full application context

High-Value Points

  1. Prefer constructor injection for required dependencies.
  2. @Repository enables persistence exception translation.
  3. @SpringBootApplication includes component scanning from its package downward.
  4. Auto-configuration backs off when user-defined beans are present.
  5. Spring AOP is proxy-based.
  6. Self-invocation bypasses proxy-based AOP.
  7. @Transactional usually belongs on service-layer methods.
  8. Checked exceptions do not roll back unless configured.
  9. REQUIRES_NEW creates an independent transaction.
  10. NESTED uses savepoints and depends on outer commit.
  11. readOnly = true is not a universal write blocker.
  12. Higher isolation means stronger consistency but lower concurrency.
  13. Use DTOs to avoid exposing entities and lazy loading problems.
  14. Use test slices to keep tests focused and fast.
  15. Secure Actuator endpoints in production.

Last-Minute Transaction Review

@Transactional(
    propagation = Propagation.REQUIRED,
    isolation = Isolation.DEFAULT,
    rollbackFor = Exception.class,
    readOnly = false
)
If You NeedUse
Atomic business operation@Transactional on service method
Rollback for checked exceptionrollbackFor
Audit commit independent of main failureREQUIRES_NEW
Partial rollback to savepointNESTED
Read optimizationreadOnly = true

Last-Minute Web Review

RequirementUse
Return JSON directly@RestController
Bind URL segment@PathVariable
Bind query parameter@RequestParam
Bind JSON body@RequestBody
Validate request body@Valid
Global error handling@ControllerAdvice
Custom status and headersResponseEntity

Last-Minute Data Review

ProblemSolution
Repetitive JDBC boilerplateJdbcTemplate
Basic CRUD repositorySpring Data JPA repository
Custom JPQL@Query
Lazy loading errorFetch inside transaction or use DTO query
N+1 queriesFetch join, entity graph, batch fetching, or DTO projection
Concurrent update conflictOptimistic or pessimistic locking

Last-Minute Security Review

RequirementUse
Define web securitySecurityFilterChain
Load user dataUserDetailsService
Hash passwordsPasswordEncoder
Protect browser formsCSRF protection
Secure service methodsMethod security annotations

Final Exam Strategy

  1. Read each option carefully; many wrong answers are almost correct.
  2. Watch for words like always, never, only, and automatically.
  3. For transaction questions, identify proxy boundaries, exception type, propagation, and isolation.
  4. For Boot questions, remember auto-configuration is conditional.
  5. For testing questions, choose the narrowest test slice that satisfies the scenario.
  6. For MVC questions, distinguish path variables, query parameters, and request bodies.
  7. For security questions, separate authentication from authorization.
  8. For data questions, think about transaction boundaries, persistence context, lazy loading, and query count.