HTTP methods
Status codes
Request headers
Response headers
Authentication
Authorization
JWT tokens
Session management
Cookies
OAuth 2.0
API design
RESTful APIs
GraphQL
WebSockets
Server-side rendering
Database design
SQL queries
NoSQL databases
Database indexing
Query optimization
ACID properties
CAP theorem
Normalization
Denormalization
ORM (Object-Relational Mapping)
Connection pooling
Transactions
Migrations
Seeding data
Caching strategies
Redis
Memcached
CDN integration
Rate limiting
Throttling
API versioning
Middleware
Error handling
Logging
Monitoring
Application performance monitoring (APM)
Load balancing
Horizontal scaling
Vertical scaling
Microservices architecture
Monolithic architecture
Service-oriented architecture (SOA)
Message queues
Pub/Sub patterns
Event-driven architecture
CQRS pattern
Saga pattern
API Gateway
Service mesh
Docker containers
Kubernetes orchestration
CI/CD pipelines
Environment variables
Configuration management
Secrets management
CORS (Cross-Origin Resource Sharing)
CSRF protection
XSS prevention
SQL injection prevention
Input validation
Output sanitization
Password hashing
Bcrypt/Argon2
Salt and pepper
Two-factor authentication (2FA)
Single sign-on (SSO)
RBAC (Role-Based Access Control)
ABAC (Attribute-Based Access Control)
File uploads
Streaming data
Pagination
Filtering and sorting
Full-text search
Elasticsearch
Background jobs
Cron jobs
Task scheduling
Worker processes
Async/await patterns
Promises
Callbacks
Thread pools
Process management
Memory management
Garbage collection
Performance profiling
Benchmarking
Testing (unit, integration, E2E)
Mocking and stubbing
API docs (Swagger/OpenAPI)
Postman/Insomnia
Version control (Git)
Code review practices
Debugging techniques
Production deployment strategies
