CyberLaw Academy

📝 MODULE 12 ASSESSMENT

Data Protection, Privacy & Emerging Risks

⏱️ 60 Min

📊 60 Questions

✅ 70% Pass

60:00

Q1

DPDPA Presidential assent:

Aug 2021Aug 2022Aug 2023Aug 2024

Q2

Maximum DPDPA penalty:

₹250 Cr₹200 Cr₹100 Cr₹500 Cr

Q3

Data Fiduciary in Section:

2(h)2(i)2(j)2(k)

Q4

DPDPA consent must be:

WrittenVerbalImpliedFree, specific, informed

Q5

SDF must appoint:

CEOCISODPO + AuditorGovt rep

Q6

Appeals go to:

High CourtTDSATSCMeitY

Q7

Private right of action:

NoYes₹50L limitSDFs only

Q8

NOT legitimate use:

EmergencyState functionLegal dutyMarketing

Q9

Children data penalty:

₹50 Cr₹150 Cr₹200 Cr₹250 Cr

Q10

Nomination right under:

Section 11Section 14Section 16Section 18

Q11

Security failure penalty:

₹250 Cr₹200 Cr₹150 Cr₹100 Cr

Q12

CERT-In reporting:

2 hrs6 hrs24 hrs72 hrs

Q13

Log retention:

90 days120 days180 days365 days

Q14

Notification failure penalty:

₹150 Cr₹200 Cr₹250 Cr₹50 Cr

Q15

IT Act 72 (confidentiality):

S.43S.66S.69S.72

Q16

RBI breach reporting:

2-6 hrs24 hrs72 hrs7 days

Q17

CERT-In Directions year:

2020202120222023

Q18

S.72A imprisonment:

2 yrs3 yrs5 yrs7 yrs

Q19

Logs jurisdiction:

IndiaAnyCloudOffshore

Q20

S.43+66 punishment:

1yr+₹1L2yr+₹2L3yr+₹5L5yr+₹10L

Q21

AO jurisdiction:

₹1 Cr₹5 Cr₹10 CrUnlimited

Q22

Extraterritorial Section:

65667275

Q23

S.72 punishment:

2yr+₹1L3yr+₹2L5yr+₹5L1yr+₹50K

Q24

S.65 deals with:

Identity theftSource code tamperingHackingPhishing

Q25

Evidence best practice:

Forensic image + hashOriginal onlyScreenshotPrint & delete

Q26

S.66C deals with:

HackingSource codeIdentity theftPhishing

Q27

Certified examiner under:

S.65BS.79AS.72S.43

Q28

S.43A applies to:

IndividualsGovt onlyForeign cosBody corporates

Q29

Puttaswamy bench:

5-Judge9-Judge7-Judge3-Judge

Q30

Privacy under Article:

21191432

Q31

Celebrity photo use is:

IntrusionFalse lightAppropriationDisclosure

Q32

Medical records leak is:

IntrusionFalse lightAppropriationPublic disclosure

Q33

R. Rajagopal concerned:

AadhaarMedia & privacyTappingDNA

Q34

PUCL case (1996):

Telephone tappingAadhaarMediaDNA

Q35

RTI personal info exemption:

8(1)(a)8(1)(e)8(1)(j)8(1)(g)

Q36

Washroom cameras:

False lightAppropriationDisclosureIntrusion

Q37

Puttaswamy II dealt:

TappingAadhaarRTIDPDPA

Q38

Privacy restrictions test:

ProportionalityStrict scrutinyRational basisWednesbury

Q39

Identity theft Section:

66B66C66D66E

Q40

Personation Section:

66A66C66D66E

Q41

IT Rules intimate image takedown:

24 hrs48 hrs72 hrs7 days

Q42

S.66E (privacy violation):

66C66D6766E

Q43

MeitY AI Advisory:

Jan 2024Mar 2024Jun 2024Sep 2024

Q44

Algorithm bias under:

Article 14Article 19Article 32Article 226

Q45

Obscene AI under:

S.66CS.66ES.67S.72

Q46

India has deepfake law:

YesNoWomen onlyIT Act only

Q47

DPO mandatory for:

All DFProcessorsSDFsGovt only

Q48

DPO based in:

IndiaAny countryHQEU

Q49

DPIA for:

AllSDFsProcessorsCross-border

Q50

DPA required with:

EmployeesCustomersGovtVendors/Processors

Q51

DPO under Section:

681012

Q52

Grievance mechanism:

Mandatory all DFOptionalSDFs onlyGovt only

Q53

Sub-processor needs:

Board approvalDF prior approvalGovt approvalNone

Q54

DPO reports to:

Board of DirectorsIT DeptHRGovt

Q55

Breach reporting to CERT-In:

2 hrs6 hrs24 hrs72 hrs

Q56

First breach action:

Preserve evidenceNotify mediaDelete dataRebuild

Q57

DPDPA notify:

PoliceCERT-InBoard + PrincipalsMedia

Q58

Privilege protection:

MediaIT vendorInsuranceExternal counsel

Q59

Containment phase:

0-6 hrs6-24 hrs24-72 hrs1 week

Q60

IR Team activation:

ImmediateAfter mediaAfter BoardOptional

0%

← Back to Module 12

© 2025 Cyber Law Academy | Course Director: Adv. (Dr.) Prashant Mali