2025-09-09 17:41:04 +00:00
Commit f1c48f22cc

139
exam1.md Normal file

@@ -0,0 +1,139 @@
# بسم الله الرحمن الرحيم
## Exam Instructions for Ghaymah Course
### Exam Duration: 1 hour and 45 minutes (InshAllah).
### Requirements:
- **Operating System**: Ubuntu, Kali, or any Linux distribution.
- **Ghaymah Cloud Account**: Sign up here https://deploy.ghaymah.systems/
---
## **Important Instructions for All Students**
1. **Documentation is Mandatory:** For every question and sub-question, you must:
* Take a screenshot clearly showing the command you executed and its output in the terminal.
* Paste all screenshots into a single Google Docs or Microsoft Word document.
* Ensure each screenshot is clearly labeled with the question number (e.g., Q1a, Q1b, Q2c).
* For commands with long outputs, you may scroll and take multiple screenshots, but they must be contiguous and complete.
2. **Submission:**
* Save your document as: `YourFullName_GhaymahExam.docx` (or `.doc` / `.pdf`)
* Email the document to: **hr@ghaymah.systems**
* Subject Line: **Ghaymah Course Batch 1 Exam 1**
* The exam is incomplete without this submission.
3. **Honor Code:**
* This is an individual exam. You must perform all tasks yourself on your own machine or a provided VM.
* You may use man pages, official documentation, and notes, but seeking help from others or online forums is prohibited.
---
## **Section A: Deep Investigation & Analysis (60 marks)**
### **1. Process vs Service: Beyond Definitions (15 marks)**
a) Find three currently running services using `systemctl`. Screenshot the command and output.
b) Choose the `ssh` service (if not available, choose `nginx` or `apache2`) and investigate:
- Locate its main service file and show its path. Screenshot the command to find it and its contents.
- Find all processes related to this service and display the process tree. Screenshot the command and output.
- Identify which user account is running this service. Screenshot the proof.
c) Stop the SSH service temporarily using `systemctl stop sshd` (or your chosen service).
- What happens to its processes? Prove using `ps aux | grep ssh` (or your service). Screenshot.
- Now restart the service. What is the new PID compared to the old one? Screenshot the status before and after.
### **2. Filesystem & Permission Forensics (15 marks)**
a) Create this directory structure: `~/secure_data/confidential/`. Screenshot the command.
b) Inside `confidential/`, create a file `secret.txt` with the content "This is sensitive data." Screenshot.
c) Set permissions so that:
- Owner (you) has read, write, execute
- Group has read-only
- Others have no access
Screenshot the `ls -l` output showing these permissions.
d) Create a new user called `auditor`: `sudo adduser auditor`. Try to access the file as `auditor` (e.g., `sudo -u auditor cat ~/secure_data/confidential/secret.txt`). Screenshot the command and the permission denied error.
### **3. Advanced Networking & Port Analysis (20 marks)**
a) Port Scanning Investigation:
- Scan your local machine (localhost) using `nmap -sS -O 127.0.0.1`. Screenshot the output showing open ports.
- For each open port, find the exact process listening on it using `sudo ss -tulpn`. Screenshot the output.
b) Service Configuration Analysis:
- If you have SSH, focus on it. Otherwise, install/use `nginx` or another service.
- Locate its main configuration file (e.g., `/etc/ssh/sshd_config` or `/etc/nginx/nginx.conf`). Screenshot the command and the line that defines the port.
- Change the service to listen on port 2222 (for SSH) or 8080 (for nginx). Edit the config file, then restart the service. Screenshot the change and the restart command.
- Prove it is now listening on the new port using `sudo ss -tulpn | grep :2222` (or 8080). Screenshot.
c) Firewall & Routing:
- Use `sudo ufw deny 2222/tcp` (or your port) to block it. Or use `sudo iptables -A INPUT -p tcp --dport 2222 -j DROP`. Screenshot the command.
- Test that the port is now blocked. Try to connect: `ssh -p 2222 localhost` (should fail). Screenshot the failure.
- Remove the rule (`ufw delete deny 2222/tcp` or `iptables -D INPUT ...`). Screenshot the removal and then a successful connection test.
### **4. Process Management & System Monitoring (10 marks)**
a) Start three background processes: `sleep 500 &`, `yes > /dev/null &`, `tail -f /var/log/syslog &`. Screenshot the `jobs` command.
b) Monitor system resources using `top` (press '1' to see all CPUs). Let it run for a few seconds, then screenshot.
c) Identify the `yes` process consuming high CPU. Use `ps aux --sort=-%cpu | head -5` to find it. Screenshot.
d) Change its priority to the lowest: `sudo renice -n 19 -p [PID_of_yes]`. Screenshot the command and the updated `top` showing the nice value.
### **5. Ghaymah Cloud Platform Integration (25 marks)**
a) Installation & Setup:
```bash
curl -sSL https://cli.ghaymah.systems/install.sh | bash
```
Screenshot the entire installation process and output.
Verify installation: `ghaymah --version`. Screenshot.
b) Authentication & Account Management:
Login: `gy auth login`. Follow the prompts. Screenshot the successful login message.
Verify: `gy auth status`. Screenshot the output.
c) Project Management:
List Ghaymah projects. screenshot the output.
## **Submission Checklist**
- [ ] All screenshots are in one document.
- [ ] Each screenshot is clearly labeled (Q1a, Q1b, Q2a, etc.).
- [ ] Document is saved as `YourFullName_GhaymahExam.pdf`.
- [ ] Email sent to **hr@ghaymah.systems** with subject **Ghaymah Course Batch 1 Exam 1**.
**بالتوفيق ان شاء الله**
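Review bot: In section 5a the install step pipes a remote script straight into a shell (`curl -sSL https://cli.ghaymah.systems/install.sh | bash`), so students execute whatever the server returns without ever seeing it; have them save install.sh to a file, read it, and then run it, and consider publishing a checksum they can compare against. The same section verifies the install with `ghaymah --version` but then uses `gy auth login` and `gy auth status`; use one command name throughout or state that both exist. In 3a, `nmap -sS -O 127.0.0.1` needs root for the SYN scan and OS detection, so it should carry `sudo` like the `ss` command on the next line; `systemctl stop sshd` in 1c and `ufw delete deny 2222/tcp` in 3c are also missing `sudo`. Since the honor code allows a provided VM, 1c, 3b and 3c should note that stopping SSH, moving it to port 2222 or dropping that port can leave a student who reaches the VM over SSH unable to reconnect. The submission step accepts `.docx`, `.doc` or `.pdf` while the checklist names only `YourFullName_GhaymahExam.pdf`, and section 5 (25 marks) sits under the Section A heading, which is marked as 60 marks.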