← CBA hub

Free CBA Sample Questions

10 CBA questions with full explanations for every option, free to view on this page.

Customizing Backstage

Q1. A production Backstage deployment has different auth, integration, database, and plugin settings per environment. What does app-config.yaml control?

Reveal answer and explanations
  1. A React component rendering logic compiled into the frontend bundle

    Incorrect. Component rendering logic lives in application and plugin code.

  2. B TypeScript compiler settings for each workspace package

    Incorrect. TypeScript compiler settings are defined in tsconfig files.

  3. C Runtime feature, auth, database, and integration config

    Correct. Backstage configuration files supply runtime settings for installed features, auth providers, integrations, and services.

  4. D Database schema definitions generated by plugin migrations

    Incorrect. Plugin database schemas are managed by backend code and migrations, not by app-config.yaml.

Customizing Backstage

Q2. What is the relationship between entity pages, entity layout components, and the Backstage routing system?

Reveal answer and explanations
  1. A Entity pages are routes that use entity layout components to organize content; routing is handled by the core framework

    Correct. Custom entity pages use layout components to structure the UI; the framework handles routing based on entity type.

  2. B The routing system dynamically generates entity pages from entity layout components defined in each plugin

    Incorrect. While plugins can contribute layout components, the framework generates the routes.

  3. C Entity layout components are independent routes that manage their own navigation

    Incorrect. Layout components are not independent routes; they're nested within entity pages.

  4. D Entity pages are static HTML files generated at build time; components are loaded dynamically

    Incorrect. Entity pages are dynamically rendered, not static.

Customizing Backstage

Q3. When creating a custom plugin API to share functionality between plugins, which pattern does Backstage recommend?

Reveal answer and explanations
  1. A Using React Context to expose API implementations

    Incorrect. React Context can be used but doesn't follow Backstage's API registration pattern.

  2. B Storing shared functions in the backend database

    Incorrect. Storing functions in the database is inefficient and not part of plugin architecture.

  3. C Creating shared utility functions in a common package

    Incorrect. While utility functions are useful, they don't provide the plugin isolation and dependency management of the API registry.

  4. D Defining an API interface and registering it with the API registry

    Correct. Backstage's API registry pattern allows you to define typed APIs and inject them into plugins, providing proper dependency management and isolation.

Customizing Backstage

Q4. In a proxy backend plugin, what is the primary security concern when proxying requests to external services?

Reveal answer and explanations
  1. A The proxy must rate-limit requests to prevent DDoS attacks on the external service

    Incorrect. Rate limiting is a concern, but the primary security issue is credential management.

  2. B The proxy must ensure credentials for the external service are not leaked through request headers or logs

    Correct. Proxy plugins must carefully manage backend credentials, ensuring they are not exposed through client-side headers or logging.

  3. C The proxy must compress all responses to prevent network sniffing

    Incorrect. Compression is a transport optimization, not a security measure against credential leakage.

  4. D The proxy must validate that the external service's SSL certificate is valid

    Incorrect. While certificate validation is important, it's standard HTTPS behavior.

Customizing Backstage

Q5. A team wants to replace one default Backstage page but still upgrade the upstream plugin later. Why use a component override instead of editing plugin source?

Reveal answer and explanations
  1. A To manage npm dependency versions across the monorepo

    Incorrect. Dependency versions are managed by package manifests and the workspace tooling.

  2. B To change deployment-time environment variables

    Incorrect. Deployment-time values belong in Backstage configuration or environment variables.

  3. C To make the production bundle smaller automatically

    Incorrect. Overrides are about behavior and presentation, not automatic bundle optimization.

  4. D Replace default UI with app-owned behavior

    Correct. Overrides let the app replace or decorate default UI behavior without patching the plugin package itself.

Customizing Backstage

Q6. When implementing a custom plugin extension point, what is the primary mechanism that allows third-party plugins to discover and interact with your extension without tight coupling?

Reveal answer and explanations
  1. A Implementing the extension through the shared routes or search routes system with discoverable identifiers

    Correct. Using shared routes or search routes with consistent identifiers allows loose coupling and discovery of extensions by other plugins.

  2. B Defining the extension in a YAML file in the app-config and dynamically loading it

    Incorrect. YAML-based dynamic loading isn't how Backstage handles extension point discovery.

  3. C Registering the extension in the plugin's index.ts file with hardcoded import paths

    Incorrect. Hardcoded imports defeat the purpose of plugin extensibility and create tight coupling.

  4. D Using a shared npm package that exports the extension configuration object

    Incorrect. While shared packages can work, they create tight coupling and don't enable true plugin discovery.

Customizing Backstage

Q7. A team is packaging a custom page as a Backstage frontend plugin for the new frontend system. Which API creates the plugin instance?

Reveal answer and explanations
  1. A createFrontendPlugin

    Correct. The new frontend system uses this factory to create a plugin instance with a plugin ID and extension definitions, avoiding a custom class hierarchy.

  2. B CustomPluginInterface

    Incorrect. Backstage documentation describes a factory function for plugin instances; this name is just a distractor and would not give the app an installable plugin feature.

  3. C BackstagePluginClass

    Incorrect. A made-up class name would not integrate with the documented frontend feature installation flow or the extension tree used by Backstage apps.

  4. D createBackendPlugin

    Incorrect. That factory belongs to server-side extension points and does not create an installable browser feature for the frontend system.

Customizing Backstage

Q8. When creating a custom sidebar navigation item using createComponentExtension, which of the following scenarios would require additional configuration beyond the basic plugin setup?

Reveal answer and explanations
  1. A Adding a static navigation item that always appears at the bottom of the sidebar

    Incorrect. Static items with positioning are straightforward configurations of createComponentExtension.

  2. B Adding a navigation item with a custom color

    Incorrect. Colors are handled through standard theming, not special configuration.

  3. C Adding a navigation item with an icon that only appears for users with specific permissions

    Correct. Permission-based visibility requires integration with Backstage's permission framework and custom logic beyond the basic extension.

  4. D Adding a navigation item that links to an external URL

    Incorrect. External URL links are directly supported by navigation extensions.

Customizing Backstage

Q9. A company needs branded colors and typography without patching CSS or node_modules. Which supported Backstage API should create the app theme?

Reveal answer and explanations
  1. A Replace Material UI entirely with a different component library

    Incorrect. Backstage theming is designed to work through the Backstage and Material UI theme APIs.

  2. B Override global CSS with !important rules in index.css

    Incorrect. Global CSS overrides are brittle and bypass the supported theme model.

  3. C Modify files inside node_modules/@backstage/theme

    Incorrect. Editing node_modules is not maintainable and will be overwritten by dependency updates.

  4. D Use createUnifiedTheme with createApp

    Correct. Backstage marks createTheme() as obsolete and documents createUnifiedTheme() as the supported theme creation API.

Customizing Backstage

Q10. You're creating a plugin that needs to execute custom logic whenever a new entity is added to the catalog. What is the most appropriate pattern?

Reveal answer and explanations
  1. A Implement a custom middleware in the express app that intercepts catalog mutations

    Incorrect. Custom express middleware bypasses Backstage's proper plugin architecture.

  2. B Create a custom search index extension that polls the catalog API

    Incorrect. The search index is for indexing existing data, not for processing new entities as they arrive.

  3. C Subscribe to catalog webhook events in a custom backend plugin using the CatalogProcessor interface

    Correct. CatalogProcessor is the designed extension point for intercepting and processing catalog entities as they are ingested.

  4. D Hook into the EntityListComponent lifecycle and call your API on componentDidMount

    Incorrect. Frontend component lifecycle hooks are not suitable for reliable, system-wide catalog operations.

Take the full timed CBA mock90 minutes · 60 questions · free with account

About these questions

These questions are written against the current CBA curriculum — not scraped exam dumps. The full CBA library here has 120 questions; the broader platform covers the rest of the Golden Kubestronaut path.