UPSC Prelims Practice Questions — How safe is India’s critical national infrastructure?
Q1. As per the Information Technology Act, 2000, the term "Critical Information Infrastructure" is best defined as which one of the following?
- A. Any computer network declared by CERT-In as vital to the functioning of the internet in India
- B. A government-owned data centre notified by MeitY for storing citizens' biometric data
- C. A computer resource, the incapacitation or destruction of which shall have a debilitating impact on national security, economy, public health or safety
- D. Any information technology system operated by a public sector undertaking in the banking sector
Q2. The Indian Computer Emergency Response Team (CERT-In) functions as the national nodal agency for cyber security incident response under which one of the following provisions of the Information Technology Act, 2000?
- A. Section 70A
- B. Section 70B
- C. Section 66F
- D. Section 43A
Q3. Which one of the following is the national nodal agency designated for the protection of Critical Information Infrastructure in India?
- A. National Cyber Coordination Centre
- B. National Critical Information Infrastructure Protection Centre (NCIIPC)
- C. Indian Computer Emergency Response Team (CERT-In)
- D. Data Security Council of India
Q4. The Computer Security Incident Response Team – Power (CSIRT-Power) was set up as an extended arm of CERT-In at which one of the following institutions?
- A. GRID-INDIA
- B. Central Electricity Authority (CEA)
- C. Central Electricity Regulatory Commission (CERC)
- D. Power Grid Corporation of India Limited (POWERGRID)
Q5. In the power-sector cybersecurity architecture, which one of the following functions as the apex sectoral response team that coordinates the sub-sectoral CERTs and acts on cyber threat intelligence received from CERT-In?
- A. GRID-INDIA Security Operation Centre
- B. NCIIPC
- C. CSIRT-Power
- D. CSIRT-Thermal
Q6. As part of the power-sector cybersecurity framework being formalised by the Draft CEA (Cyber Security in Power Sector) Regulations, how many sub-sectoral Computer Emergency Response Teams (CERTs) has the Ministry of Power constituted?
- A. Four
- B. Five
- C. Six
- D. Eight
Q7. Reflecting its heavily digitised and high-value attack surface, which one of the following critical sectors accounted for the largest number of cybersecurity audits conducted by CERT-In in 2024-25?
- A. Power and energy
- B. Telecom
- C. Banking, financial services and insurance (BFSI)
- D. Transport