Guide
NODE.JS INTERVIEW Qs
Technical questions and model answers for interviewing Node.js developers. Covers event loop, streams/buffers, cluster/worker threads, Express vs Fastify, and more.
Last updated: May 2026
Explain the Node.js Event Loop
The Event Loop is how Node.js handles asynchronous I/O. Powered by libuv, it runs on a single thread. Phases execute in order: timers → pending callbacks → idle/prepare → poll → check → close callbacks. After each phase, the nextTickQueue and microtaskQueue are processed. Blocking work should be offloaded to Worker Threads or child processes.
Explain the difference between Streams and Buffers and when to use each
A Buffer is a fixed-size container holding raw binary data in memory. Streams are an abstraction for processing data in small chunks sequentially, making them memory-efficient for large file I/O. There are four types: Readable, Writable, Duplex, and Transform, which can be chained with pipe().
What's the difference between the Cluster module and Worker Threads?
The Cluster module forks multiple Node.js processes that share the same port for load balancing. Each process has its own memory space and Event Loop. Worker Threads spawn threads within the same process and can share memory via SharedArrayBuffer. Use Worker Threads for CPU-intensive tasks and Cluster for scaling I/O-bound workloads.
Explain the difference between Express and Fastify
Express is the most widely used Node.js framework with a rich middleware ecosystem, but its older architecture limits performance. Fastify offers JSON-schema-based validation, built-in logging, and roughly 2x the throughput of Express. Its plugin architecture supports scoped registration, making it ideal for microservices.
What are error handling best practices in Node.js?
Use try/catch for synchronous code, async/await with try/catch for async code, and always check the first error argument in callbacks. Register listeners for uncaughtException and unhandledRejection to gracefully shut down the process. Create custom Error classes, separate HTTP status codes from error codes, integrate monitoring tools like Sentry, and always log stack traces.
What are security best practices for Node.js applications?
Regularly scan dependencies with npm audit, harden HTTP headers with Helmet, and implement rate limiting with express-rate-limit. Store JWTs in httpOnly cookies instead of localStorage, validate inputs strictly with joi/zod, and use prepared statements to prevent SQL injection. Also essential: prevent .env leaks, configure CORS properly, and rotate secrets regularly.
Contact
Looking for a Node.js Developer?
I can support your technical interviews, advise on hiring, or join directly as your Node.js engineer.