Cert. Az description as per RfC 2350
Yüklə 68,65 Kb. Pdf görüntüsü
|
| Contact Cyber Security Center (CSC) Computer Emergency Response Team (CERT)
Block 702, Drogal lane Baku, Azerbaijan
+99412 4932056
+99412 4932057 Fax: +99412 4981800 E-mail: info@cert.az
Cyber Security Center under Ministry of Communications and High Technologies of the Republic of Azerbaijan 2014
Contents 1 Document information .......................................................................................................... 4 1.1 Date of Last Update......................................................................................................... 4 1.2 Distribution List for Notifications ................................................................................... 4 1.3 Location of the document ................................................................................................ 4
2.1 Name of the Team ........................................................................................................... 5 2.2 Address ............................................................................................................................ 5 2.3 Time Zone ....................................................................................................................... 5 2.4 Telephone Number .......................................................................................................... 5 2.5 Facsimile Number ........................................................................................................... 5 2.6 Other Telecommunication ............................................................................................... 5 2.7 Electronic Mail Address .................................................................................................. 5 2.8 Public Keys and Encryption Information ........................................................................ 5 2.9 Team Members ................................................................................................................ 6 2.10 Other Information ........................................................................................................... 6 2.11 Points of Customer Contact ............................................................................................. 6 3 Charter ................................................................................................................................... 7 3.1 Mission Statement ........................................................................................................... 7 3.2 Constituency .................................................................................................................... 7 3.3 Sponsorship and/or Affiliation ........................................................................................ 7 3.4 Authority ......................................................................................................................... 8
4.1 Types of Incidents and Level of Support ........................................................................ 9 4.2 Co-operation, Interaction and Disclosure of Information ............................................... 9 4.3 Communication and Authentication................................................................................ 9 5 Services ................................................................................................................................. 10 5.1 Incident Response ......................................................................................................... 10 5.1.1 Incident Triage ........................................................................................................ 10 5.1.2 Incident Coordination ............................................................................................. 10 5.1.3 Incident Resolution ................................................................................................. 10 5.2 Proactive Activities ....................................................................................................... 10 6 Incident Reporting Forms ................................................................................................... 11 7 Disclaimers....................................................................................................................... 12
1. Document information 1.1. Date of Last Update This is the 1.2 version, published 19 may, 2015
This profile is kept up-to-date on the location specified
www.cert.az
2. Contact Information
2.1. Name of the Team Short name: CERT-AZ Full name: Cyber Security Center
Address Azerbaijan, Baku, Drogal lane, block 702
Time Zone UTC/GMT+04:00
+99412 4932057 +99412 4932056
Facsimile Number +99412 4981800
Not applicable.
For Security incidents to:
reports@cert.az
team@cert.az
info@cert.az
2.8. Public Keys and Encryption Information The CERT-AZ has a PGP key. User ID:
team@cert.az
Key ID:
0xA5E67725
Fingerprint: 73B99C81E49F8EF3E3A761B9A4B1F6B0A5E67725
The key and its signatures can be found at public key servers like pgp.mit.edu. 2.9. Team Members No information is provided about CERT.AZ team members in public.
Further information about CERT.AZ can be found at: http://www.cert.az/en/about- us.html
2.11. Points of Customer Contact An available way for contacting CERT.AZ is via e-mail.
reports@cert.az is available for security incident reports and related issue. team@cert.az at is available for technical issues. info@cert.az is available general inquiries and non-emergency issues.
If it is impossible (or advisable due to security reasons) to use e-mail, you can connect with us via telephone at 99412 4932057 99412 4932056
Hotline:
www.1654
Office hours for CERT.AZ are generally restricted to local regular business hours: Mon-Fri, 9 a.m. - 6 p.m.
3. Charter
Mission Statement Center’s mission is to create and defend a better and safer cyber environment in the country while:
To coordinate the action of information infrastructure subjects,
To report about existing and potential risks at country level,
To educate public, private and other institutions in the field of cyber security and providing methodological assistance to them
The constituency of CERT.AZ is basically public and private sector. The main areas of responsibility of CERT-AZ are:
Engages in reporting on existing and potential threats in the field of cyber security at country level, as well as educating the public, private and other institutions
Collects and analyzes information incoming from users, software and hardware productions, similar structures in foreign countries and other sources, about cyber security attacks, illegal intrusions and malicious codes against Information systems and networks
how to avoid detected security vulnerabilities
Sponsorship and/or Affiliation
CERT-AZ is a Center which is created under the Ministry of Communications and High Technologies ( www.mincom.gov.az ). It is funded on state budget.
CERT-AZ is affiliated with FIRST, the global Forum of Incident Response and Security Team as a full member as well as TI (Trusted Introducer for European CERTs) as an accredited member and Anti-Phishing Working Group (APWG). CERT-AZ continues affiliations with various CSIRTs around the world as needed. It also has cooperation with CERT Coordination Center.
CERT.AZ has a formal authority to advice:
The laws of the Azerbaijani Republic
The decrees and instructions of the President of the Azerbaijani Republic
The resolutions and instructions of the Cabinet of Ministers of the Azerbaijani Republic
The international treaties which participant is the Azerbaijani Republic,
The regulations on the Ministry of Communications and High Technologies of the Azerbaijani Republic the regulatory legal acts accepted by the Ministry, and this Provision.
4. Policies
Types of Incidents and Level of Support We have an authority to solve all kind of security incidents which occur or threaten to occur. The level of support of CERT.AZ depends on the type and severity of the issue or incident, the type of constituent. Our center is committed to keeping public informed of potential vulnerabilities.
Co-operation, Interaction and Disclosure of Information In case of accomplishment of the tasks and implementation of the rights the Cyber Security Center interacts with the Ministry of Communications and High Technologies and the structures subordinated to it, central and local executive bodies, local government bodies and non-governmental organizations, the international organizations, and also the legal entities and physical persons specializing in information security field. CERT.AZ makes relations with some other CSIRTs. We cooperate with Georgian, Iran, Israil and Bulgarian CERT’s.
Communication and Authentication For
international communications ordinary precautions apply – like
communicating to/via previously trusted and listed teams (TI) and using PGP. Key people know each other personally before any significant cooperation occurs.
5. Services
Incident Response CERT-AZ defines, assesses and prioritizes all types of ICT incidents. In particular, it will provide assistance or advice with respect to the following aspects of incident management:
Investigating whether incident is authentic
Determining type of the incident
Assessing the incident 5.1.2 Incident Coordination
Determining and contacting involved organizations.
Assisting contact with other organs including law enforcement, if needed.
Make relations with media, if necessary. 5.1.3 Incident Resolution
Following up the incident solution process.
Collecting evidence and interpreting data
Asking for reports
Proactive Activities
to inform people about existing threats and incidents in the field of cybersecurity
to implement educational events about information security For other information, follow http://www.cert.az/en/services.html
6. Incident Reporting Forms There are no special forms available.
7. Disclaimers
While every precaution will be taken in the preparation of information, notifications and alerts, CERT.AZ assumes no responsibility for errors or omissions, or for damages resulting from the use of the information contained within.
Yüklə 68,65 Kb. Dostları ilə paylaş:
|