Module 4 Assessment Quiz

Questions

Time

60 min

Passing

70%

Parts

Part 4.1 — Police Machinery & Jurisdiction

1NCRP portal (cybercrime.gov.in) is operated by:

CERT-InI4C under MHACBINIA

I4C (Indian Cyber Crime Coordination Centre) under Ministry of Home Affairs operates the NCRP portal.

21930 helpline is most critical for:

Defamation complaintsHacking incidentsFinancial fraud fund freezeCopyright violations

1930 helpline is critical for financial frauds — can coordinate immediate fund freeze within hours.

3Lalita Kumari v. State of U.P. mandates:

Mandatory FIR registration for cognizable offencesAnticipatory bail in all casesPreliminary inquiry always requiredFIR only after court permission

Lalita Kumari: FIR registration mandatory when information discloses cognizable offence.

4Zero FIR means:

FIR with no accusedFIR with no evidenceAnonymous FIRFIR regardless of jurisdiction, numbered "0", then transferred

Zero FIR: Registered at any police station regardless of jurisdiction, given "0", transferred to appropriate PS.

5CBI investigation requires:

Complainant's request onlyState consent or court orderCentral government notificationNo requirement

CBI needs state government consent or High Court/Supreme Court order to investigate.

6CERT-In is the nodal agency for:

FIR registrationOperating 1930 helplineCyber security incidentsCyber crime prosecution

CERT-In handles cyber security incidents and mandatory breach reporting — under MeitY.

7If police refuses FIR, complainant should:

File complaint before Magistrate (S.200/223 BNSS)File RTI applicationApproach Election CommissionAccept police decision

Magistrate complaint under S.200/223 BNSS can compel FIR registration.

8Cyber crime jurisdiction exists at:

Only accused locationOnly server locationOnly victim locationAll: accused, server, victim, consequence locations

Multiple jurisdictions available — strategic forum selection possible.

9Multiple FIRs on same cause of action (Arnab Goswami):

All should proceedSubsequent FIRs quashableAutomatically clubbedStrengthen prosecution

Arnab Goswami: Identical allegations — subsequent FIRs liable to be quashed.

10NCRP complaint is:

Equivalent to FIRAutomatic FIR in 7 daysNot substitute for FIR — follow up neededOnly for lawyers

NCRP complaint is not FIR — separate FIR needed for court proceedings.

Part 4.2 — FIR & Complaint Drafting

11FIR under BNSS S.173 is for:

Any offenceCognizable offences onlyIT Act offences onlyBailable offences only

FIR under S.173 BNSS is for cognizable offences.

12Online defamation (BNS S.356) requires:

FIR at cyber cellCERT-In complaintPrivate complaint before MagistratePIL in High Court

Defamation (S.356 BNS) is non-cognizable — private complaint required.

13Phishing attack FIR should include:

Only IT Act S.66Only BNS S.318Only BNSS provisionsIT Act S.66C, 66D + BNS S.318, 319

Phishing: IT Act + BNS combination required.

14Most critical detail for financial fraud FIR:

Accused's phone, UPI ID, transaction detailsComplainant's educationPrevious complaintsFamily details

Phone numbers, UPI IDs, transaction IDs are investigation starting points.

15Section 66C IT Act covers:

HackingIdentity theftCyber terrorismChild pornography

S.66C: Fraudulent use of electronic signature, password, or identification.

167 essential FIR elements are:

Date, time, place, witness, motive, weapon, alibiFIR number, date, PS, IO, court, judge, prosecutorVictim, accused, witness, evidence, law, procedure, judgmentComplainant, accused, incident, loss, sections, evidence, prayer

7 elements: Complainant, accused, incident, loss, sections, evidence, prayer.

17Common FIR drafting mistake:

Too many technical detailsFiling too earlyVague description without specific IDsAnnexing too much evidence

Vague FIRs without specific details leave no investigation starting point.

18Ransomware on critical infrastructure attracts:

IT Act S.66F + S.66 + BNS S.308Only BNS provisionsOnly IT Act S.43Copyright Act

Critical infrastructure ransomware: S.66F (cyber terrorism), S.66, BNS S.308 (extortion).

19Before filing FIR for financial fraud:

Wait for bank investigationCall 1930 helpline firstSend legal notice to bankFile RTI

Call 1930 first for immediate fund freeze.

20S.66D IT Act covers:

Data theftHackingObscene contentCheating by personation using computer

S.66D: Cheating by personation using computer resource.

Part 4.3 — Evidence Preservation

21Telecom CDR retention period:

30 days6 months2 years5 years

TRAI mandates telecom companies retain CDR for approximately 2 years.

22S.91 BNSS notice can be issued by:

ComplainantCourt or Police Officer (SHO+)Any advocateCERT-In

S.91 BNSS: Courts or police officers can summon documents.

23Golden hour for financial fraud:

First 24-48 hoursFirst weekFirst monthNo timeline

First 24-48 hours critical for fund freeze.

24Social media IP logs typically retained:

1 week30 days180 days~90 days

Most platforms retain IP logs for approximately 90 days.

25Self-captured screenshot requires:

No requirementsS.63 BSA certificatePolice attestationCourt permission

Self-captured evidence requires S.63 certificate.

26CCTV footage auto-overwrites within:

7 days14 days30-60 days6 months

Most CCTV systems auto-overwrite every 30-60 days.

27Best self-preservation practice:

Full screenshot with URL, timestamp, hashCropped screenshotVerbal descriptionMemory recall

Full screenshots with URL, timestamp, and hash preserve authenticity.

28Bank records retention (RBI):

2 years5 years7 years10 years

RBI mandates banks retain records for 10 years.

29Failure to preserve evidence after notice:

No liabilityS.201 BNS liabilityCivil damages onlyContempt only

Intentionally destroying evidence after notice attracts S.201 BNS.

30Independent evidence preservation uses:

Personal diaryVerbal testimonyWeb.archive.orgMemory recall

Wayback Machine provides independent third-party preservation.

Part 4.4 — Interim Reliefs

31Fastest route for account freezing:

1930 helplineCourt applicationRBI complaintFIR only

1930 helpline triggers immediate inter-bank coordination.

32S.79 IT Act safe harbor lost when:

Hosting any contentMaking profitsNot acting on actual knowledgeAllowing user content

Safe harbor conditional on expeditious removal after actual knowledge.

33S.69A website blocking by:

State governmentsCentral Government onlyAny police officerIntermediaries

S.69A: Only Central Government can direct blocking.

34Three-fold injunction test:

Urgency, evidence, damagesFIR, evidence, witnessesJurisdiction, limitation, causePrima facie, balance, irreparable injury

Courts apply: prima facie case, balance of convenience, irreparable injury.

35John Doe orders are for:

Blocking sites with unknown operatorsArresting anonymous accusedFreezing accountsSearch warrants

John Doe: Ex-parte blocking orders against unknown operators.

36IT Rules grievance acknowledgment:

1 hour12 hours24 hours7 days

Platforms must acknowledge within 24 hours, resolve within 15 days.

37Shreya Singhal on S.69A:

UnconstitutionalValid but subject to judicial reviewAbsolute government powerOnly for foreign sites

Shreya Singhal: S.69A valid with procedural safeguards.

38Ex-parte injunctions granted:

After full trialAfter hearing both partiesOnly in criminal casesWithout hearing other side

Ex-parte: Without hearing other side for extreme urgency.

39Suppression in ex-parte application:

Vacation of orderCriminal prosecutionPermanent injunctionHigher damages

Courts vacate ex-parte orders obtained by suppression.

40Best route for defamation takedown:

S.69A blockingFIR onlyCourt injunction + Platform noticeCERT-In

Court injunction combined with platform grievance is most effective.

Part 4.5 — Defence & Corporate Response

41Sushila Aggarwal on anticipatory bail:

Expires after 60 daysContinues even after charge sheetRequires surrenderOnly bailable offences

Sushila Aggarwal: No time limit — continues even after charge sheet.

42Bhajan Lal provides grounds for:

Anticipatory bailRegular bailQuashing FIRTransfer of investigation

Bhajan Lal: 7 categories for FIR quashing under inherent powers.

43CERT-In reporting timeline:

6 hours24 hours72 hours7 days

CERT-In Directions (2022): 6 hours for prescribed incidents.

44NOT a ground for anticipatory bail:

Devices seizedNo flight riskTechnical analysis neededOffence is bailable

If bailable, anticipatory bail not needed.

45To maintain privilege over investigation:

Use only internal teamConduct under external counselShare with all stakeholdersSubmit to regulators

Investigation under external counsel maintains privilege.

46Upjohn warnings given to:

Employees — lawyer represents companyRegulatorsBoardPolice

Upjohn: Inform employees lawyer represents company, not them.

47Common incident response mistake:

Preserving evidenceEngaging counselWiping before forensic imagingCERT-In reporting

Wiping before forensic imaging loses evidence.

48Quashing typically avoided in:

DefamationCivil disputesCompoundable offencesCyber terrorism & POCSO

Courts hesitant to quash serious offences like S.66F and POCSO.

49RBI cyber incident reporting for banks:

1 hour2-6 hours24 hours7 days

RBI: Banks report within 2-6 hours.

50First step in corporate incident response:

Detection, containment, preservationPress releaseFiling FIRRegulatory reporting

First contain breach and preserve evidence.

Calculating...

Part 4.1

0/10

Part 4.2

0/10

Part 4.3

0/10

Part 4.4

0/10

Part 4.5

0/10

Cyber Crime Investigation & FIR Drafting

Part 4.1 — Police Machinery & Jurisdiction

Part 4.2 — FIR & Complaint Drafting

Part 4.3 — Evidence Preservation

Part 4.4 — Interim Reliefs

Part 4.5 — Defence & Corporate Response