15 & CYBER SECURITY

1 . What is APT? - Advanced Persistant threat

2. Which of the following defines "Who has access to data" -

Answer : Data Privacy

3. In which year Data Protection Law enacted -

Answer : Not yet enacted

4. IT Act was enacted to provide legal recognition for -

Answer : e-commerce transactions

5. Which standard of BIS dealt with Data Privacy principles -

15 17428
6. What type of social engineering is this? You receive an Email from some
unknown person claiming to be representative of your bank and asking for your
account number and password so that they can fix your account - Phishing
7. As per Bank's information classification policy Unreleased company performance
data will be classified as - Confidential ·
8. Integrity aims - to protect the reliability, uniformity and correctness of
information
9. Which form of social engineering targets specific organization? -

Spear Phishing
10. Which of the following is not the objective of OLP system - Storing of sensitive
data in encrypted format.
11. As per Bank's Cyber Crisis Management Plan What is the definition of cyber
space - C)The interaction of people, software and services on the intranet and
internet by means of technology devices and networks connected to it.
12. The organization must take into consideration of various factors while developing
the privacy policy of the organization regarding the data collected or processed.
Which one of the following need not be considered? - GDPR
13. As per IT act punishment for dishonestly receives or retains any stolen device
shall be - maximum three years imprisonment or maximum fine of rupees one
lakh or with both
14. As per Bank's information policy Manuals, SOP documents should be
categorized as- Internal
15. As per Bank's information policy employee contact details should be categorized
as - Internal

16. If the personal data is no longer needed for which it was attained, it should be
deleted or destroyed unless there is a reason for retaining it.Which GDPR principle
will suggest this

Answer : Storage Limitation

17. Personal data must be accurate and kept upto date.It's important that old data
must be securely disposed of immediately-Which GDPR principle will suggest this?
Answer: Accuracy
18. Obscenity as an offense in electronic form is dealt with by which section of the
Indian IT Act? Answer : Section 67
19. Which section of IT Act provides indian CERT-in to serve as a national agency
for performing functions for cyber security incidents?

Answer : Section 708

20. Ensuring the accessibility of the data required to perform business even when
this data is lost or damaged is known as - Answer : Data Archival
21. Choose the odd one, if we speak about losses due to cyber attacks -Answer:
Loss of Human Intelligence
22. Which kind of malware restricts users from accessing their system or certain
critical files, until a demanded sum is paid -

Answer : Ransomware
23. General Data Protection Regulation Law enacted in which year -Answer: 2018
24. Key influence(s) for information security -Answer: All the above
25. Which of the following is not recommended as per Bank's password security
policy?- Answer : Password should be kept in written copy to remember
26. To whom user should report the virus detected and cleaned by antivirus?-
Answer : Authorised contact persons
27. Which of the following is related to password cracking- Answer : Brute Force
28. What is the penalty for breach of confidentiality and Privacy as per Indian IT
act?- Answer: Fine may extend to 1 lakh rupees and imprisonment for term
which may extend to 2 years
29. As a safety precaution all mails & filesreceived from external sources should be
opened and read- Answer : NO, mail from only known and trusted sources
should be selected.
30. Loss of portable device should be reported immediately to - Local police and to
the appropriate authority.
31. If the personal data is no longer needed for which it was attained, it should be
deleted or destroyed unless there is a reason for retaining it. Which GDPR principle
will suggest this?
A) Data minimisation
32. "Organisations must have a specific and legitimate reason for collecting and
processing personal information"- Which GDPR principle suggests this?
B) Purpose limitation
33. While leaving for the day the users should - D) Save the ongoing work, Close
all the applications and Shut down the desktop
34. As per Limitation on Personal Data Collection and Use which of the following
statement is NOT correct- B) Organisation need to provide monetary
compensation to the individuals whose personal data has been captured
35. Which of the following is not best practice when we speak about endpoint
security- ANSWER C) Desktop may have unapproved software running (in
contingencies) ·
36. As per Bank's Clear desk and clear screen policy which one of the following is
NOT correct- ANSWER- D) both 1 & 3 are correct
37. Which of the following statements is True? ANSWER: D) Users should not
share their passwords with anyone including colleagues and IT staff.
38. Which of the following is not a common source of precursor or indicator?
ANSWER : D) Authorized access on server
39. Section 66B of the IT Act relates to - ANSWER : A) Stolen device
40. Bureau of India Standards (BIS) introduced data privacy assurance standard in
the year-C)2021
41. What is anti-malware? ANSWER: C) Computer software used to prevent,
detect and remove malicious software
42. Which section of the Indian IT Act covers Identity Theft? ANSWER B) Section
66C
43. data protection strategy of an organisation will ensure. ANSWER D) All the
above