← CBA hub

CBA — Customizing Backstage

32% of the CBA exam. Sample questions below; the full library has 38 questions tagged to this domain.

Sample questions on Customizing Backstage

Customizing Backstage

Q1. When creating a custom plugin API to share functionality between plugins, which pattern does Backstage recommend?

Reveal answer and explanations
  1. A Using React Context to expose API implementations

    Incorrect. React Context can be used but doesn't follow Backstage's API registration pattern.

  2. B Storing shared functions in the backend database

    Incorrect. Storing functions in the database is inefficient and not part of plugin architecture.

  3. C Creating shared utility functions in a common package

    Incorrect. While utility functions are useful, they don't provide the plugin isolation and dependency management of the API registry.

  4. D Defining an API interface and registering it with the API registry

    Correct. Backstage's API registry pattern allows you to define typed APIs and inject them into plugins, providing proper dependency management and isolation.

Customizing Backstage

Q2. In a proxy backend plugin, what is the primary security concern when proxying requests to external services?

Reveal answer and explanations
  1. A The proxy must rate-limit requests to prevent DDoS attacks on the external service

    Incorrect. Rate limiting is a concern, but the primary security issue is credential management.

  2. B The proxy must ensure credentials for the external service are not leaked through request headers or logs

    Correct. Proxy plugins must carefully manage backend credentials, ensuring they are not exposed through client-side headers or logging.

  3. C The proxy must compress all responses to prevent network sniffing

    Incorrect. Compression is a transport optimization, not a security measure against credential leakage.

  4. D The proxy must validate that the external service's SSL certificate is valid

    Incorrect. While certificate validation is important, it's standard HTTPS behavior.

Customizing Backstage

Q3. A production Backstage deployment has different auth, integration, database, and plugin settings per environment. What does app-config.yaml control?

Reveal answer and explanations
  1. A React component rendering logic compiled into the frontend bundle

    Incorrect. Component rendering logic lives in application and plugin code.

  2. B TypeScript compiler settings for each workspace package

    Incorrect. TypeScript compiler settings are defined in tsconfig files.

  3. C Runtime feature, auth, database, and integration config

    Correct. Backstage configuration files supply runtime settings for installed features, auth providers, integrations, and services.

  4. D Database schema definitions generated by plugin migrations

    Incorrect. Plugin database schemas are managed by backend code and migrations, not by app-config.yaml.

Customizing Backstage

Q4. What is the relationship between entity pages, entity layout components, and the Backstage routing system?

Reveal answer and explanations
  1. A Entity pages are routes that use entity layout components to organize content; routing is handled by the core framework

    Correct. Custom entity pages use layout components to structure the UI; the framework handles routing based on entity type.

  2. B The routing system dynamically generates entity pages from entity layout components defined in each plugin

    Incorrect. While plugins can contribute layout components, the framework generates the routes.

  3. C Entity layout components are independent routes that manage their own navigation

    Incorrect. Layout components are not independent routes; they're nested within entity pages.

  4. D Entity pages are static HTML files generated at build time; components are loaded dynamically

    Incorrect. Entity pages are dynamically rendered, not static.

Customizing Backstage

Q5. A company needs branded colors and typography without patching CSS or node_modules. Which supported Backstage API should create the app theme?

Reveal answer and explanations
  1. A Replace Material UI entirely with a different component library

    Incorrect. Backstage theming is designed to work through the Backstage and Material UI theme APIs.

  2. B Override global CSS with !important rules in index.css

    Incorrect. Global CSS overrides are brittle and bypass the supported theme model.

  3. C Modify files inside node_modules/@backstage/theme

    Incorrect. Editing node_modules is not maintainable and will be overwritten by dependency updates.

  4. D Use createUnifiedTheme with createApp

    Correct. Backstage marks createTheme() as obsolete and documents createUnifiedTheme() as the supported theme creation API.

Drill Customizing Backstage with the full bankDomain Drill mode targets your weak areas — paid feature

How this domain is tested

Customizing Backstage accounts for 32% of the CBA exam. Expect questions that test recall of terminology and the ability to read short scenarios — not deep configuration. Use the sample questions above as difficulty calibration; if any feel hard, the rest of our 38-question domain bank will close those gaps.