final report
helpmeout11
20170908173857coop_fa.pdf
3
Table of Content
Acknowledgments .............................................................................................. 2
Abstract............................................................................................................. 5
1. Introduction ................................................................................................... 7
1.2 Student's Tasks: ......................................................................................... 7
1.3 Training Objectives: ................................................................................... 7
2. Technical Section ............................................................................................ 8
2.1 Networks: ................................................................................................. 8
2.2 ITIL ......................................................................................................... 10
2.3 Help Desk System .................................................................................... 12
2.4 Linux &Ubuntu & Operating systems: ........................................................ 16
2.5 Enterprise Fingerprint System ................................................................... 18
2.6 Security Basics ......................................................................................... 21
2.7 Trend Micro ............................................................................................ 23
2.8 Transaction management System .............................................................. 26
2.9 System Applications and products (SAP)..................................................... 26
Conclusion: ...................................................................................................... 30
Reference ........................................................................................................ 30
4
Table of Figures:
Figure 1 summary of the history of network ......................................................... 8
Figure 2 TCP/IP VS IOS model ............................................................................. 8
Figure 3 ITIL Life Cycle ....................................................................................... 10
Figure 4: customer view .................................................................................... 13
Figure 5: home page ......................................................................................... 14
Figure 6: requests page ..................................................................................... 14
Figure 7: Dashboard page .................................................................................. 15
Figure 8: Admin page ........................................................................................ 15
Figure 9: report page ........................................................................................ 15
Figure 10: support page .................................................................................... 15
Figure 11: Ubuntu commands ............................................................................ 17
Figure 12 Fingeprint Machine ............................................................................ 18
Figure 13 HandNet , Fingerprint software ........................................................... 18
Figure 14 Finferprint Admin Scenario Step1 ........................................................ 19
Figure 15 Finferprint Admin Scenario Step2 ........................................................ 19
Figure 16 Finferprint Admin Scenario Step3 ........................................................ 20
Figure 17 Finferprint Admin Scenario Step4 ........................................................ 20
Figure 18: Kaspersky problem ............................................................................ 23
Figure 19: scanning all OS .................................................................................. 24
Figure 20: updating ........................................................................................... 24
Figure 21 step 1 ................................................................................................ 25
Figure 22 step 2 ................................................................................................ 25
Figure 23 Wordpress website 1 .......................................................................... 27
Figure 24 Wordpress website 2 .......................................................................... 27
Figure 25 Wordpress website 3 .......................................................................... 28
Figure 26 Wordpress website 4 .......................................................................... 28
Figure 27 Wordpress website 5 .......................................................................... 29
Figure 28 Wordpress website 6 .......................................................................... 29
5
Abbreviation
CCNA Cisco Certified Network Associate
ITIL Information Technology Infrastructure Library
DMSCO Dawa Medical Service Company
TCP/IP Transmission Control Protocol/Internet Protocol
6
Abstract
This report illustrates the cooperative training program at Al-Dawaa Medical Services
Company, and describing the technical skills and knowledge that have been taken
during the ten weeks of the training. Also it includes the detailed information about
the tasks that have been done and the skills that have been gained.
In this report I will go through the several topics that we took and learned about
which they are:
CCNA Fundamentals & Networking tools and technologies.
Unix – Linux – other support programs.
Hardware support & analysis – Remote support & ITIL
Enterprise finger print system & Security basics - Trend micro.
Transaction management
Wordpress
This report is divided into two sections:
The First section includes: Description of the training provider and the task that
was assigned to each student, also the training objectives.
The second section: Details of the work experience and the Training tasks.
Finally, the last section of the report is the conclusion including appendices and
References.
7
Introduction
1.1 Training Provider DMSCO:
Al-Dawaa Medical Services Company is one of the leading Companies of
pharmaceutical and customer service networks in Saudi Arabia, by following growth
strategy and propagate activities in the last twenty years , DMSCO has extended its
business to cover the nutrition and skin care products. Their missions are providing
the optimal services and products to the customers to be the only and first destination
through its main branches located in Dammam, Riyadh, Jeddah, Ahsaa, Tabuk, Sakaka
and Abha. Although, DMSCO has 500 branches in Saudi Arabia, one of its objectives is
to expand into the western and southern areas of the Kingdome.
DMSCO expansion strategy includes reaching the global , it has opened commercial
offices in UK and UAE and official sub-distributors for DMSCO’s products are available
in Egypt, Kuwait, Qatar, Bahrain, UAE, Lebanon, Oman, Jordan and Nigeria.
However, DMSCO has several departments one of them is the IT department which
concerns about the systems and hardware use in DMSCO branches. It includes
different sub-department such as networking, web development, maintenance and
system support.
1.2 Student's Tasks:
DMSCO assigned us to work with IT group to train us on different systems and
hardware that have been used in the company. Also they introduce us to new topics
and subjects that will benefit us as Information System Students. After that, they
assigned us to design webpages using Wordpress, upgrading software and writing
reports.
1.3 Training Objectives:
Get knowledge about the real life environment and hot to deal with real coworkers.
Gaining the knowledge and technical skills
A real experience of dealing with time management, creates plans, set goals and
meet deadlines.
8
2. Technical Section
During the co-op program period, DMSCO IT department assigned me to complete
different tasks. The following section shows the details of each task that has been
done.
2.1 Networks:
The instructor covers all the important terms in networks. We took an overview of
network field and how important it is, also the work nature of computer networking.
Our instructor also introduces us to CISCO Certificates and what certificate to consider
when we want to continue our education in Network (CCNA, CCNP). Next we moved
to computer networks Features and Goals, history and topology.
History of network:
Figure 1 summary of the history of network
Figure 2 TCP/IP VS IOS model
Removable Media
Mainframes IBM Network TCP/IP Model OSI Model
9
Network topology:
1. Bus topology
2. Ring topology
3. Mesh topology
4. Hybrid topology
5. Tree Topology
Networking Media:
Figure 3: wired network media
Network and Internet technologies:
The instructor also talked about Network and Internet technologies:
Internet of Things
VOIP
OSI Layer Protocols:
Different protocols work in OSI layer, those protocols were explained:
TELNET
SSH
FTTP vs TFTP
RDP
NTP
11
2.2 ITIL
Instructor explained ITIL in these points:
1. ITIL definition
2. Why use ITIL?
3. ITIL Related goals
4. ITIL Processes, Lifecycle
.
5. Deming Cycle and ITIL:
Dr. William Edwards Deming Cycle is responsible for much of Japan’s success is
manufacturing and business
Deming Cycle vs. ITIL Lifecycle:
Deming Cycle ITIL Lifecycle Stage
Plan Service Strategy & Design
Do (Implementing) Service Transition & Operation
Check (Auditing) Continual Service Improvement
Act (Improving) Continual Service Improvement
Table 1 :Deming Cycle vs. ITIL Lifecycle
Figure 3 ITIL Life Cycle
11
6. ITIL Highlights
Lifecycle, Stages and Processes, CSI
Service Desk (Help desk) functions
Measuring and Metrics
Asset Management
Change Management
Knowledge Management
Communication
12
2.3 Help Desk System
Overview:
Successful companies pay a hug attention on their customers; Help Desk is a tool to
achieve that! Help Desk is a way of communication between Information Technology
(IT) Staff and their customer (the rest of company’s staff) regarding troubleshooting or
technical support. Al-Dawaa Pharmacy used this system to sustain the customer
intimacy. The Edition they are using is enterprise edition vended by Manage Engine.
There is two ways to use the system by customer: either requesting a service or
sending a problem.
Roles and Responsibilities:
User Privilege
Customer Send a service request or problem.
Check the request statues
Technician Solves problem
Administrator
Assign tasks to technician
Customize the help desk view
Grant privilege to other administrators with the specified
privilege.
Other
Administrators
Preform responsibilities that a main administrator has given.
Example of this type of user is: Site administrator for Dammam
branch.
Table 2: Roles and responsibilities
13
Users’ Privilege Explanation (Customer and Admin):
The customer is the requester for a service or solution. On the other hand, the admin
take control of everything to guarantees a pleasant service for the customer.
Customer:
This is the home page for customer (requester). As shown on figure , the Home page
contains five panels:
Request Summary: shows the status of the request.
Announcement: to see the recent notifications and updates.
Submit your query: to send new service request or problem
Popular Solutions: to take a look at some suggested solution that will saves time.
Portal Usage: Steps to guide requester.
The rest of the tabs shown are:
Request: previous requests that were sent.
Solution: solutions sent by technician to read.
My Details: information about requester like a profile page.
Admin:
The admin has the greatest privilege of all the users. Admin’s view of help desk
is different than other users in term of services shown and the capabilities. Admin can
schedule the monthly time table, define future tasks to work on, and manage the
overall processes. On the table below some actions that admin is authorized to do
along with screen shots of help desk:
Figure 4: customer view
14
The Tab features Figure
The home tab: 1- Main home: This page is dived into three section: announcement for recent notification, tasks, and summary. The tasks section enables the admin to define new tasks to work on such as opening new branch in Khobar; this tasks will result in different requests. The summary section shows the overdue requests, the completed ones, and much more. 2- Requests: All the request (problems and service requests) are shown in this page. The admin can assign these request to the suitable technician, delete if it’s not appropriate, and add supportive notes to the request if necessary. The admin is able to see the conservation between the technician and customer in case of the problem recurs and the customer wants to reopen the request session. Some requests need approval from the manger, therefor, admin must send the request to the manager to approve and mark the statues as waiting for approval to keep the customer informed.
Figure 5: home page
Figure 6: requests page
Dashboard page provide a detailed statistical view on different parameter such as (how many problems solved by a specific technician). This help in future improvement; it’s like taking these graphs and statistics as Key Performance Indicator(PKI) to see how much Al-Dawaa using this system effectively.
15
Figure 7: Dashboard page
The Tab features Figure
The admin page shows the exclusive features that admin is capable of doing. These features shown on the figure are:
Customization: customize the edition like what are the features that users can use?
Organizational details: provide the authentic organizational information for the vendor to make the edition valid to work.
Users: define the users with their information and roles.
Figure 8: Admin page
This page reports help the admin in report directed to the manger to see how is the ongoing process. Admin can customize the report in term of different parameter selected as shown.
Figure 9: report page
This support page is a communication page between admin and the vendor. Admin can report problems encountered in help desk, ask for updated version, and request and access to the log files.
Figure 10: support page
Table 3: Admin part in help desk
16
2.4 Linux &Ubuntu & Operating systems:
Linux features:
More secure
More supportive
More stable: most servers depend on open source
More contributive
Simple
Linux family tree
Operating Systems:
Operaiting system and languages:
Most GUI runs on C langauge.
Paython programming is a direct way to write the code to the machine.
Ubuntu:
how to secure ubuntu server
Kubuntu:
it’s the GUI version of Ubuntu
Kali Linux:
Brief introduction about kali
Follow the offensive approach which states that “you better hack yourself before
others hack you”.
17
Training and books:
https://www.offensive-security.com/information-security-training/penetration-
testing-training-kali-linux/
downloading and installasion:
Virtual box
Black box
Sycruity types:
Offensive
Defenseve
Ubuntu
Ubuntu installation:
Installing Ubuntu require that your computer have the enough RAM and hard disk
memory.
Ubuntu partitions:
There are three partition must be defined during installation: root, swap memory and
home. The root partition (\) is the top directory where all files originate from. Swap
partition is virtual RAM where inactive processes are swapped with active ones for
more efficiency. A good practice is that your swap memory should be double the
RAM. For the home partition (/home), it is more secure if you moved all the document
into one filesystem.
Ubuntu commands:
The main commands were taking during the lecture is summarized in the figure
below:
Figure 11: Ubuntu commands
18
2.5 Enterprise Fingerprint System
The instructor explains Finger print system how it is used to authenticate user
attendance. DMSCO uses Schlage the HandPunch 3000 biometric hand reader for
that. Schlage vendor provide applications called Employee Attendance Software along
with the physical The HandPunch 3000.
User privilege
Admin Define new employee fingerprint
Verify new user
drop employee fingerprint
Regular employee
Uses Finger print system to mark present.
Every day, the admin chick the performance of HandPunch via Employee Attendance
Software, if there is problem it has to be reported to the IT department. There are
two methods to check the performance of HandPunch; explained in the table below:
Check method explanation
Manually Covers the regions that have an Ethernet connection
automatically Covers the regions that have a 3G connection each 48 hours
Figure 13 HandNet , Fingerprint software Figure 12 Fingeprint Machine
19
The HandPunch 3000 offers optional Ethernet connectivity and multiple memory
upgrades to grow with your company's needs. In addition to providing all the features
of the HandPunch 2000, it also includes:
Optional Internal Ethernet or RS485 Network Communications
Edit-at-the-Clock Functions
Bell Schedules
Door Control
Admin Role Scenario:
1- Extract the attendance information from the hand reader.
2- Wait for the connection to happen from all DMSCO branches in Saudi Arabia; if no
connection were established, the admin can simply retry or else report the problem to
the specialists.
Figure 14 Finferprint Admin Scenario Step1
Figure 15 Finferprint Admin Scenario Step2
21
3- Select a group or branch to view.
4- view employees’ information
Figure 16 Finferprint Admin Scenario Step3
Figure 17 Finferprint Admin Scenario Step4
21
2.6 Security Basics
Introduction to importance of security:
Shows how the social media integrated with business so it needs strong security
support to avoid loss of information.
Information security overview:
1- Malware trends
2- Essential terminology in security:
3- Element of information security:
4- The Security, functionality and usability triangle:
Define the level of security in any system.
Information security Threats and attacks vector:
1- Define the goals, motive and objectives of information security attacks.
2- Information security attacks vectors.
3- Information security threats categories.
4- Types of attacks.
5- Information warfare.
Hacking concepts, types, and phases:
1- What is hacking
2- Who is the hacker
3- Hacker classes
4- Hacking phases
Ethical hacking concepts and scope:
1- What is ethical hacking
2- Why ethical hacking is necessary
3- Ethical hacker skills
22
Information security controls:
1- Information Assurance.
2- Information security management program.
3- Threat modeling
4- Enterprise information security architecture (structure and behavior of organization's
information systems)
5- Network security zoning
6- Information security policies.
7- Types and examples of security policies.
8- Privacy policies at workplace.
9- Steps to create and implement security policies
10- Physical security and how to control it.
11- Incident management definition, process, and team responsibilities.
12- Vulnerability assessment and its types.
13- Network vulnerability assessment methodology.
14- Vulnerability research
15- Penetration testing.
16- Comparison of security audit, Vulnerability research and Penetration testing.
Overview of EC-Council courses.
Security aspects: To increase the security in any organization, the security aspects must be
implemented, and these are defensive, offensive and analysis.
1. Defensive
2. Offensive
3. Analysis
Firewall
Public/Private certificate:
Trend micro Deep Discovery: Trend micro is a security software, founded in 1989.It provide a security
for servers, cloud computing environments, consumers, and small, medium and
enterprise businesses.
23
Figure 18: Kaspersky problem
2.7 Trend Micro
Install Trend micro office scan on all the section in DMSCO
Additional responsibilities:
The full responsibility lays on us when using employees’ computer If any problems
were encountered, we should search about it and solve it otherwise we shall contact
Mr. Ahmed
Full Details:
On the third part of Security basics series, we have finally got to see how valuable
trend micro company is by trying their office scan software. Office scan anti-virus is
used in DMSCO to ensure security and avoid threats. The task that were given is
mainly divided into three sub-tasks
Installation and configuration:
This sub tasks involves setting up the computer then install trend micro office scan
software. Refer to section C for installing steps.
Handling issues during installation:
There are some issues we’ve encountered during the installation; however, we
proudly solve them all. Example of these problems is:
o Programs that contradict office scan and disable it from working such as: Kaspersky.
The solution was to delete them.
o Windows defender needed permission to activate the
office scan. The solution was to disable it and give the
full administration to office scan.
o Kaspersky couldn’t be deleted. Problem was reported to
Mr. Ahmed
24
Figure 20: updating Figure 19: scanning all OS
Updating and scanning:
Trend micro office scan should be updated to the latest version. After that, we can
scan all the operating system to find any bugs.
25
Installation Process
On the installation of trend micro, there are steps that should be followed:
1) Uninstall Kaspersky.
2) Uninstall Kaspersky endpoint.
3) Install trend micro office scan.
4) Restart your computer.
5) Update then scan office scan.
At the end our instructor introduce us to SANS institute policy template.
Figure 22 step 2
Figure 21 step 1
26
2.8 Transaction management System
MS Access:
the application helps to manage data. In DMSCO they have dig data of employee,
stores, etc. And we try to browse certain tables. We learned how to manipulate the
content without needs to code. One of the tasks required is to take come part of
records like 90 around 40000.
2.9 System Applications and products (SAP)
It is an enterprise resource planning that manages all the business process in a
certain company. SAP has two famous versions: small business edition and
enterprise edition.
Content management system:
Joomla: the instructor introduces us to Joomla and how can we get benefit from it.
Joomla is an open source content management system that allows user to create
websites.
WordPress:
It is a content management system that creates websites with plugins the desired
content. No coding is involved unless you an advanced user, you can easy edit the
source code. Recently, companies tend to create easy and simple tool.
27
Here is the website that we created using Wordpress:
Figure 33 Wordpress website 1
Figure 24 Wordpress website 2
28
Figure 25 Wordpress website 3
Figure 26 Wordpress website 4
29
Figure 27 Wordpress website 5
Figure 38 Wordpress website 6
31
Conclusion:
In conclusion I want to say that work experience is the best way to improve anyone
skills by get in touch with experienced workers who has the knowledge and
experience, so training in DMSCO Company was a great experience to achieve that
and also to apply the knowledge I gain from university. DMSCO Company. At the end,
this training program has achieved its objectives.
31
Reference:
DMSCO website, http://www.aldwaa.com
http://www.ubuntu.com/. Accessed: Jun. 22, 2016.
http://searchnetworking.techtarget.com/tutorial/Introduction-to-firewalls-Types-of-
firewalls
http://www.tldp.org/HOWTO/SSL-Certificates-HOWTO/x64.html
https://en.wikipedia.org/wiki/Trend_Micro
