UPSC Prelims Practice Questions — ‘Security agencies use open source intelligence’
Q1. Within the Union Government, which entity is the nodal Division that operationalises cyber and information-security functions, including the OSINT practice disclosed to Parliament?
- A. Cyber & Information Security (C&IS) Division, Ministry of Home Affairs
- B. Indian Computer Emergency Response Team, Ministry of Electronics and IT
- C. Defence Cyber Agency, Ministry of Defence
- D. Cyber Diplomacy Division, Ministry of External Affairs
Q2. Which one of the following best describes Open Source Intelligence (OSINT) as used by security agencies?
- A. Intelligence derived from overt, publicly available sources analysed for security purposes
- B. Interception of private electronic communications carried out under a lawful order
- C. Intelligence collected covertly from human informants and field agents
- D. Intelligence produced from satellite and aerial imagery of terrain and installations
Q3. Under the Information Technology Act, 2000, which single section is the statutory basis for designating the national nodal agency for protection of Critical Information Infrastructure?
- A. Section 70A
- B. Section 69
- C. Section 70B
- D. Section 66F
Q4. With reference to the legal framework governing intelligence collection in India, consider the following statements:
1. Section 69 of the IT Act, 2000 empowers interception, monitoring and decryption of digital information under a government order.
2. CERT-In is the national agency for responding to cyber security incidents under Section 70B of the IT Act, 2000.
3. The DPDP Act, 2023 permits the central government to exempt instrumentalities of the State on grounds such as security of the State.
4. OSINT collection of public-domain information requires a prior interception order under Section 69.
Which of the above is/are correctly identified?
- Section 69 of the IT Act, 2000 empowers interception, monitoring and decryption of digital information under a government order.
- CERT-In is the national agency for responding to cyber security incidents under Section 70B of the IT Act, 2000.
- The DPDP Act, 2023 permits the central government to exempt instrumentalities of the State on grounds such as security of the State.
- OSINT collection of public-domain information requires a prior interception order under Section 69.
- A. 1, 2 and 3
- B. 1, 2 and 4
- C. 2, 3 and 4
- D. 1 and 4
Q5. The MHA's disclosure that security agencies scrape public social media for OSINT was placed before which parliamentary standing committee?
- A. Standing Committee on Communications and Information Technology
- B. Standing Committee on Home Affairs
- C. Standing Committee on Defence
- D. Standing Committee on Personnel, Public Grievances, Law and Justice
Q6. On what ground did the MHA assert that the OSINT practice does not violate privacy?
- A. Only publicly available information is collected and no private or personal data is gathered
- B. All collected data is fully anonymised before it is ever stored
- C. Every instance of collection is backed by an order under Section 69 of the IT Act
- D. Consent is invariably obtained from every social-media user before collection
Q7. With reference to the National Intelligence Grid (NATGRID), consider the following statements:
1. It is mandated to create a framework for data access from 21 provider organisations.
2. It functions under the Ministry of Home Affairs.
3. Its services are available only to the Intelligence Bureau and not to State police forces.
Which of the statements given above is/are correct?
- It is mandated to create a framework for data access from 21 provider organisations.
- It functions under the Ministry of Home Affairs.
- Its services are available only to the Intelligence Bureau and not to State police forces.
- A. 1 only
- B. 1 and 2 only
- C. 2 and 3 only
- D. 1, 2 and 3
Q8. Which one of the following best describes NATGRID?
- A. An IT platform integrating databases of multiple provider organisations to give security and law-enforcement agencies access to real-time information
- B. A central repository storing biometric and demographic identity data of residents
- C. The nodal agency for receiving and coordinating cybercrime complaints
- D. The national nodal agency for protection of Critical Information Infrastructure
Q9. With reference to intelligence-collection disciplines, consider the following statements:
1. SIGINT is derived from interception of signals and communications, whereas OSINT relies on publicly available sources.
2. HUMINT is gathered from human sources such as informants and agents.
3. GEOINT (IMINT) is derived from interception of telephone conversations.
Which of the statements given above is/are correct?
- SIGINT is derived from interception of signals and communications, whereas OSINT relies on publicly available sources.
- HUMINT is gathered from human sources such as informants and agents.
- GEOINT (IMINT) is derived from interception of telephone conversations.
- A. 1 and 2 only
- B. 1 and 3 only
- C. 2 and 3 only
- D. 1, 2 and 3
Q10. As per the MHA's submission, which of the following content types are correctly identified as material that security agencies scrape from public social media for OSINT?
1. Deepfakes and morphed media
2. Fake news and misinformation
3. Viral communal-hate content
4. Private direct messages exchanged between users
Which of the above is/are correctly identified?
- Deepfakes and morphed media
- Fake news and misinformation
- Viral communal-hate content
- Private direct messages exchanged between users
- A. 1, 2 and 4
- B. 1, 2 and 3
- C. 2, 3 and 4
- D. 1 and 3
Q11. With reference to the privacy-versus-security debate in India, consider the following statements:
1. In K.S. Puttaswamy v. Union of India (2017), a nine-judge Bench held the right to privacy to be a fundamental right under Article 21.
2. OSINT collects only publicly available information, whereas interception under Section 69 of the IT Act involves access to private communications requiring legal authorisation.
3. The DPDP Act, 2023 prohibits the central government from granting any exemption to State agencies.
Which of the statements given above is/are correct?
- In K.S. Puttaswamy v. Union of India (2017), a nine-judge Bench held the right to privacy to be a fundamental right under Article 21.
- OSINT collects only publicly available information, whereas interception under Section 69 of the IT Act involves access to private communications requiring legal authorisation.
- The DPDP Act, 2023 prohibits the central government from granting any exemption to State agencies.
- A. 1 only
- B. 1 and 2 only
- C. 2 and 3 only
- D. 1, 2 and 3
Q12. With reference to the 'Five Eyes' intelligence-sharing alliance, which of the following are correctly identified as its members?
1. United States
2. United Kingdom
3. New Zealand
4. Japan
Which of the above is/are correctly identified?
- United States
- United Kingdom
- New Zealand
- Japan
- A. 1, 2 and 3
- B. 1, 3 and 4
- C. 2, 3 and 4
- D. 1, 2 and 4