SonarQube Interview Questions and Answers from 2022 [updated]

SonarQube is a mainly known for Code analysis tool which analyzes source code as per industry standards, and provides standard and advance reports for the improve quality. It combines static and dynamic analysis tools and easy to read is also a lot easier with SonarQube.

Download Sonarqube
SonarQube Interview Questions

Sonarqube Questions and Answers from Frescoplay

Q.1 Rules are collected in __.

1) Quality Gate

2) Quality Profile

3) Both

4) None of the options

Correct Answer is :Quality Gate

Q.2 Which statement is correct?

1) Sonar will run PMDtest by default for Java projects

2) Sonar will run FindIssue by default for Java projects

3) Sonar will run Checkmate by default for Java projects

4) Sonar will run CheckStyle, FindBugs and PMD by default for Java projects

Correct Answer is :Sonar will run CheckStyle, FindBugs and PMD by default for Java projects

Q.3 When an resolved issue is not being corrected, what is the status it gets into automatically?

1) reopened

2) reconfirmed

3) resolved

4) None of the options

Correct Answer is :reopened

Q.4 Sonarway is the default Quality gate of SonarQube.

1) True

2) False

Correct Answer is :True

Q.5 SonarQube has a feature of automatic issue assignment.

1) True

2) False

Correct Answer is :True

Q.6 Tags differentiate between rules and issues.

1) True

2) False

Correct Answer is :True

Q.7 What is true about tags?

1) Rules raises tags

2) Tags are language specific

3) Rules raises tags and they are language specific

4) None of the options

Correct Answer is :Rules raises tags and they are language specific

Q.8 Which of the following statements about tags is true?

1) Tags are case insensitive

2) Tags are created at index time

3) Tags can make your data more understandable

4) Tags are searched by using the syntax tag: :

Correct Answer is :Tags can make your data more understandable

Q.9 The rules which are related to bugs in a project are _____.

1) Security rules

2) Reliability rules

3) It’s an open issue

4) None of the options

Correct Answer is :Reliability rules

Q.10 What is Quality Gate?

1) the conditions that should be met before the project goes to production

2) collection of rules and conditions to be met

3) collection of rules

4) None of the options

Correct Answer is :the conditions that should be met before the project goes to production

Q.11 When is an issue automatically closed?

1) removed

2) fixed

3) when it is fixed or removed

4) None of the options

Correct Answer is :when it is fixed or removed

Q.12 Out of 400 lines of code,124 are duplicated lines, what is the Density of Duplication?

1) 31

2) 75

3) 25

4) 46

Correct Answer is :31

Q.13 Which of the following is the best plugin for Java Project?

1) Sonar way

2) Sonar Lint

3) Sonar Java

4) None of the options

Correct Answer is :Sonar Java

Q.14 Search Server does an elastic search to get results from UI.

1) True

2) False

Correct Answer is :True

Q.15 Which among the following is the special feature of SonarQube?

1) transparency

2) ALM

3) leak approach

4) None of the options

Correct Answer is :leak approach

Q.16 Which of the following databases does SonarQube support?

1) Microsoft SQL Server

2) Oracle

3) PostgreSQL

4) All of the options

Correct Answer is :All of the options

Q.17 The default port for Sonarqube is___________.

1) 9000

2) 9001

3) 8080

4) 8081

Correct Answer is :9000

Q.18 Sonar Scanner is the default scanner of SonarQube.

1) True

2) False

Correct Answer is :True

Q.19 What helps to get coverage per test?

1) JaCaCo

2) Cobertura

3) Emma

4) None of the options

Correct Answer is :JaCaCo

Q.20 An issue is raised if a piece of code breaks the rule.

1) True

2) False

Correct Answer is :True

Q.21 Maintainability-related issue in the code is called______________.

1) leak period

2) code rule

3) code coverage

4) code smell

Correct Answer is :code smell

Q.22 Which is true about SonarQube managing security?

1) It manages authorization and authentication of user

2) It does not manage customization for users

3) It manages authorization of user

4) It manages only authentication part

Correct Answer is :It manages authorization and authentication of user

Q.23 If the file is missing, the issue is of which resolution?

1) unresolved

2) closed

3) false negative

4) removed

Correct Answer is :removed

Q.24 Which is not part of Code Technical Review in SonarQube?

1) Submitted

2) Resolve

3) confirmed

4) Change Severity

Correct Answer is :Submitted

Q.25 What keeps a check during the leak period?

1) Rules

2) None of the options

3) Quality Gate

4) Quality Profile

Correct Answer is :Quality Gate

Q.26 Which is the not found in sonar-project.properties?

1) sonar.projectVersion

2) sonar.language

3) sonar.sources

4) sonar.code

Correct Answer is :sonar.code

Q.27 What does security covers?

1) It enables customization for users

2) It manages the access rights to components, pieces of information

3) It manages the access rights to components, pieces of information and enables customization for users

4) It covers the implementation of the policies and operational procedures that are to be maintained as security

Correct Answer is :It manages the access rights to components, pieces of information and enables customization for users

Q.28 SonarQube Scanner and Server must be located in different network.

1) True

2) False

Correct Answer is :True

Q.29 The header section consist of –

1) Lines of Code
Bugs
Vulnerabilities
Code Smells

2) Lines of Code
Bugs
coverage
Code Smells

3) Lines
Issues
Coverage
Duplications

4) Lines of Code
issues
Vulnerabilities
Code Smells

Correct Answer is :Lines
Issues
Coverage
Duplications

Q.30 When an issue is being encountered, the status is __.

1) reopened

2) confirmed

3) resolved

4) open

Correct Answer is :open

Q.31 Each Quality Gate is a combination of__________.

1) comparison operator

2) period

3) measure

4) All of the options

Correct Answer is :All of the options

Q.32 Rules that are expected to have zero or no false positive results.

1) Reliability

2) Maintainabilty

3) Both reliability and maintainability

4) None of the options

Correct Answer is :Both reliability and maintainability

Q.33 How to extend the functionality of SonarQube?

1) Ads on

2) Modules

3) Extension

4) Plugins

Correct Answer is :Plugins

Q.34 Quality Gate has _ types of status.

1) four

2) three

3) two

4) none of the options

Correct Answer is :three

Q.35 Which of the following are important metrics to enforce Quality Gate?

1) Security

2) Reliability

3) Maintainabilty

4) All of the options

Correct Answer is :All of the options

Q.36 What is not a search criteria for the rules in SonarQube?

1) Language

2) Develop

3) Tag

4) Type

Correct Answer is :Develop

Q.37 An issue is raised if a piece of code breaks the rule.

1) True

2) False

Correct Answer is :True

Q.38 SonarQube works on profiles.

1) True

2) False

Correct Answer is :True

Q Is it right definition of Sonarqube?
SonarQube (formerly Sonar) is a quality management platform focusing on continuous analysis of source code quality.

YES (Ans)
NO

Q Which is not a severities in this list

Blocker
Critical
Major
Biggest (Ans)

Q Is it right defintion of SonarQube Scanners?
The SonarQube Scanner is recommended as the default launcher to analyze a project with SonarQube.

YES (Ans)
NO

Q How to extend the functionality of SonarQube?

Modules
Plugins (Ans)
Extension
Ads on

Q Which statement is correct?

Sonar will run CheckStyle, FindBugs and PMD by default for Java projects (Ans)
Sonar will run Checkmate by default for Java projects
Sonar will run FindIssue by default for Java projects
Sonar will run PMDtest by default for Java projects

Q Which is not a axis of code quality in SonarQube?

Architecture and Design
Complexity
Potential bugs
Code Coverage (Ans)

Q What is the prerequisite for SonarQube Installation?

Java (Ans)
DOTNET
JavaScript
Php

Q Which is not part of Code Technical Review in SoanrQube?

Confirm
Change Severity
Resolve
Submited (Ans)

Q What is not a search criteria for the rules in SonarQube?

Language
Type
Tag
Develop (Ans)

Q Which is the not found in sonar-project.properties?

sonar.projectVersion
sonar.sources
sonar.code (Ans)
sonar.language

Q Which property should be decalred for SonarQube Project base dir?

sonar.projectBaseDir (Ans)
sonar.working.directory
sonar.basedir
sonar.projectdir

Q Which property should be decalred to tell SonarQube which SCM plugin should be used to grab SCM data on the project

sonar.scm.provider (Ans)
sonar.scm
sonar.git
sonar.version

Q Which property should be decalred to tell SonarQube log level?

INFO
DEBUG
TRACE
ERROR (Ans)

Q Which is not supported Log Level in SonarQube?

sonar.log.level
sonar.verbose (Ans)
sonar.log
sonar.loglevel

Q Is it right definition of Code Smell? A maintainability-related issue in the code. Leaving it as-is means that at best maintainers will have a harder time than they should making changes to the code. At worst, they’ll be so confused by the state of the code that they’ll introduce additional errors as they make changes.

YES (Ans)
NO

Q Is it right definition of Coding Rule? A good coding practice. Not complying to coding rules leads to quality flaws and creation of issues in SonarQube. Coding rules can check quality on files, unit tests or packages.

YES (Ans)
NO

Q Is it right definition of Analyzer? A client application that analyzes the source code to compute snapshots.

YES (Ans)
NO

Q Which is not severities in Sonarqube?

Options
Blocker
Major
Critical
Issues (Ans)

Q Is it possible to Copy the rules from one profile to another?

YES (Ans)
NOT

Q Is it possible to Copy a profile from one SonarQube instance to another?

YES (Ans)
NOT

Q What is SonarQube
A:Sonar is a web based code quality analysis tool for Maven based Java projects. It covers a wide area of code quality check points which include: Architecture & Design, Complexity, Duplications, Coding Rules, Potential Bugs, Unit Test etc.

Q How do I get rid of issues that are False-Positives?
False-Positive and Won’t Fix
You can mark individual issues False Positive or Won’t Fix through the issues interface. If you’re using PR analysis provided by the Developer Edition, issues marked False Positive or Won’t Fix will retain that status after merge. This is the preferred approach.

//NOSONAR
For most languages, SonarQube supports the use of the generic mechanism: //NOSONAR at the end of the line of the issue. This will suppress all issues – now and in the future – that might be raised on the line.

Q How do I find and remove projects that haven’t been analyzed in a while?
In Administration > Projects > Management you can search for Last analysis before to filter projects not analyzed since a specific date, and then use bulk Delete to remove the projects that match your filter.

This can be automated by using the corresponding Web API: api/projects/bulk_delete?analyzedBefore=YYYY-MM-DD.

Q: Why use SonarQube ?
A:Sonar covers the 7 sections of code quality
Architecture and Design
Unit tests
Duplicated code
Potential bugs
Complex code
Coding standards
Comments

About Author


After years of Technical Work, I feel like an expert when it comes to Develop wordpress website. Check out How to Create a Wordpress Website in 5 Mins, and Earn Money Online Follow me on Facebook for all the latest updates.