GS PrelimsSecurityMiscellaneous2017

In India, it is legally mandatory for which of the following to report on cyber security incidents? 1. Service providers 2. Data centres 3. Body corporate Select the correct answer using the code given below:

A

1 only

B

1 and 2 only

C

3 only

D

1, 2 and 3

Correct Answer: Option D

Explanation

1. Under the Information Technology Act, 2000 and the rules notified thereunder, particularly the Information Technology (The Indian Computer Emergency Response Team and Manner of performing functions and duties) Rules, 2013, it is legally mandatory for certain entities in India to report specific types of cyber security incidents to the Indian Computer Emergency Response Team (CERT-In). 2. Statement 1 is correct: Service providers, including telecom operators and internet service providers, fall under the purview of entities required to report. 3. Statement 2 is correct: Data centres, which handle significant amounts of data and are critical infrastructure, are also typically required to report incidents. 4. Statement 3 is correct: The rules explicitly mandate reporting requirements for any 'body corporate', which is broadly defined under the IT Act. 5. Therefore, all three entities (Service providers, Data centres, and Body corporate) are legally required to report cyber security incidents to CERT-In.

More Security PYQs

View all Security questions →

Master UPSC Revision

Get 10,000+ topic-wise MCQs, spaced repetition, daily CSAT challenges, and detailed performance analytics.

Coming Soon to Play Store
Coming Soon to Play Store