CERT.GOV.AZ RFC 2350

1. Document Information 
This document describes CERT.GOV.AZ in accordance with RFC 2350.

1.1 Date of Last Update 
  Version 1.3 published on 16.03.2020

1.2 Distribution List for Notifications 
Notifications about changes in this document are spread through our mailing

1.3 Locations where this Document May Be Found 
The current version of the given document is accessible through a CERT.GOV.AZ’ web site: 
https://www.cert.gov.az/cert.gov.az-rfc2350.txt

The last version of the document also can be received on demand on

2. Contact Information

2.1 Name of the Team 
 CERT.GOV.AZ: Azerbaijan Government CERT (eng). 
 CERT.GOV.AZ: Azərbaycan Dövlət KİMM (aze).

2.2 Address 
Special Communication & Information Security State Service of Azerbaijan 
Azerbaijan Government CERT 
Niyazi str, 23 
Baku, Azerbaijan

2.3 Time Zone 
Asia/Baku (GMT+4)

2.4 Telephone Number 
+994 12 435 28 25

2.5 Facsimile Number 
 +994 12 435 28 31

2.6 Other Telecommunication 
None.

2.7 Electronic Mail Address 
 
 

2.8 Public Keys and Encryption Information 
CERT.GOV.AZ uses PGP for digital signatures and to receive encrypted information. The key is available on PGP/GPG key servers (http://keyserver.pgp.com) and at https://www.cert.gov.az/cert-gov-az-pgp.asc. 
Information about the key:

Pub RSA-2048/0x31A8218B 
Key fingerprint = 9DB0 6BB5 58AF DBAC BA66 781E 29E2 BE0D 31A8 218B 
Uid Info <>

2.9 Team Members 
 Tural Mammadov is the Chief of Azerbaijan Government CERT.  A full list of other members is not publicly available.

2.10 Other Information 
General information about CERT.GOV.AZ in English language is available at https://cert.gov.az/en/page/about. Information in Azerbaijan language is available at https://cert.gov.az/az/page/about.

2.11 Points of Customer Contact 
The preferred method of contacting CERT.GOV.AZ is via e-mail at info@cert.gov.az. 
If for any reasons (for example, for safety reasons) use of e-mail is impossible, CERT.GOV.AZ is available by phone (during an operable time). 
CERT.GOV.AZ operable time: from 09:00 till 18:00 in the working days. 
Outside of an operable time the member of group regularly checks the mentioned e-mail address.

3. Charter

3.1 Mission Statement 
CERT.GOV.AZ offers assistance in computer and network security incident handling and provides incident coordination functions for all incidents involving systems and networks located in state sector of Azerbaijan Republic.

3.2 Constituency 
Constituency of CERT.GOV.AZ – all networks and the users allocated in state sector of the Azerbaijan Republic.

3.3 Sponsorship and/or Affiliation 
  Parent organization for CERT.GOV.AZ is the Special Communication and Information Security State Service of the  Azerbaijan Republic.

3.4 Authority 
CERT.GOV.AZ operates with the authority delegated by Special Communication and Information Security State Service of the Azerbaijan Republic. The group has no powers to stop activity of this or that resource within the competence, but for the decision of corresponding questions reserves the right to itself for their transfer on consideration in corresponding law enforcement bodies.

4. Policies

4.1 Types of Incidents and Level of Support 
CERT.GOV.AZ operates with following computer incidents. Support level depends on incident and its type and is determined by members of group.

• Violation of working potential of basic nodes of a network and resources of the big servers, attacks which can cause crash of the system information;
• The network attacks directed on obtaining (increase) of privileges;
• Attacks as DoS (Denial of Service) and DDoS, directed on information resources of state structures and separately taken hosts;
• Purposeful sending of viruses; destruction of systems of protection of information networks, including application of harmful programs (sniffer, rootkit, keylogger etc.);
• Scanning of national information networks and hosts;
• Search or interception of passwords and other authentication information;
• Unapproved usage of information resources.

 4.2 Co-operation, Interaction and Disclosure of Information 
CERT.GOV.AZ gives a guarantee to the suffered person about nondisclosure of the information, received during investigation of given incident, to the third party.

4.3 Communication and Authentication 
Preferable method of communication is via e-mail. When the content is considered sensitive enough or demands authenticity check, CERT.GOV.AZ uses PGP key for signing e-mail messages. All sensitive communication to CERT.GOV.AZ should be encrypted by the team’s PGP key. Alternative methods can be agreed by phone.

5. Services

5.1 Incident Response 
CERT.GOV.AZ will assist system administrators in handling the technical and organizational aspects of incidents. In particular, it will provide assistance or advice with respect to the following aspects of incident management:

5.1.1. Incident Triage

• investigating whether indeed an incident occurred;
• determining the extent of the incident.

 5.1.2. Incident Coordination

• determining the initial cause of the incident (the used vulnerability);
• facilitating contact with other sites which may be involved;
• making reports to other CERT/CSIRT teams;
• composing announcements to users, when applicable.

 5.1.3. Incident Resolution

• removing the vulnerability;
• liquidation of consequences of incident;
• evaluating of possible additional actions taking into account their cost and risk;
• provide assistance in evidence collection and data interpretation when needed.
• In addition, CERT.GOV.AZ will collect statistics concerning incidents and will notify the community as necessary to assist it in protecting against known attacks.

 5.2 Proactive Activities

• Information services: 
  CERT.GOV.AZ publishes advisories for events and incidents that are considered of special importance to users in the constituency. Information is disseminated via various channels (web, RSS feeds, mailing lists etc).
• Training services: 
  Members of CERT.GOV.AZ periodically hold seminars on various aspects of information and network security.

6. Incident Reporting Forms 
Incidents can be send via - ticketing system, e-mail and incident submit form (https://cert.gov.az/en/report).

7. Disclaimers 
While every precaution will be taken in the preparation of information, notifications and alerts, CERT.GOV.AZ assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.