UPSC Prelims Practice Questions — How safe is India’s critical national infrastructure?

Q1. As per the Information Technology Act, 2000, the term "Critical Information Infrastructure" is best defined as which one of the following?

  • A. Any computer network declared by CERT-In as vital to the functioning of the internet in India
  • B. A government-owned data centre notified by MeitY for storing citizens' biometric data
  • C. A computer resource, the incapacitation or destruction of which shall have a debilitating impact on national security, economy, public health or safety
  • D. Any information technology system operated by a public sector undertaking in the banking sector

Q2. The Indian Computer Emergency Response Team (CERT-In) functions as the national nodal agency for cyber security incident response under which one of the following provisions of the Information Technology Act, 2000?

  • A. Section 70A
  • B. Section 70B
  • C. Section 66F
  • D. Section 43A

Q3. Which one of the following is the national nodal agency designated for the protection of Critical Information Infrastructure in India?

  • A. National Cyber Coordination Centre
  • B. National Critical Information Infrastructure Protection Centre (NCIIPC)
  • C. Indian Computer Emergency Response Team (CERT-In)
  • D. Data Security Council of India

Q4. The Computer Security Incident Response Team – Power (CSIRT-Power) was set up as an extended arm of CERT-In at which one of the following institutions?

  • A. GRID-INDIA
  • B. Central Electricity Authority (CEA)
  • C. Central Electricity Regulatory Commission (CERC)
  • D. Power Grid Corporation of India Limited (POWERGRID)

Q5. In the power-sector cybersecurity architecture, which one of the following functions as the apex sectoral response team that coordinates the sub-sectoral CERTs and acts on cyber threat intelligence received from CERT-In?

  • A. GRID-INDIA Security Operation Centre
  • B. NCIIPC
  • C. CSIRT-Power
  • D. CSIRT-Thermal

Q6. As part of the power-sector cybersecurity framework being formalised by the Draft CEA (Cyber Security in Power Sector) Regulations, how many sub-sectoral Computer Emergency Response Teams (CERTs) has the Ministry of Power constituted?

  • A. Four
  • B. Five
  • C. Six
  • D. Eight

Q7. Reflecting its heavily digitised and high-value attack surface, which one of the following critical sectors accounted for the largest number of cybersecurity audits conducted by CERT-In in 2024-25?

  • A. Power and energy
  • B. Telecom
  • C. Banking, financial services and insurance (BFSI)
  • D. Transport