Questions Answers

can non home br block digital channels yes

if suspicious activity is observed in CA having multi user
variant of CINB what action can a branch take block all active users
spdi both a&b
as per rbi &gov 1600xx
term refers to ability to limit data access to only those
authorised confidentiality
failure to implement cyber security financial penalties
who is responsible for notifying a personal data breach to
the data protection board concerned data fiduciary
best describes ransomware encrypts files and demands payment
use data only for specific purpose it was
what is the purspose of purpose limitation under the act collected
which dept at SBI functions 24*7*365/366 PRM Dept & Centralised Cyber Cell
who is the primary regulator under the DPDP act data protection board of india
what kind of data is considered critical under sbi data
governance policy customer and financial transaction data

if customer reports a cyber fraud after 4 to 7 days, what is

customers liability as per rbi guidelines followed by sbi limited liability
what is malware malcious software designed to harm
which is not a type of money mule account lazy account
what is the main objective of dpdp act 2023 protect personal data of ind
beneficial owner is all of the above
dpdp act allows cross border data transfer to only countries notified by govt
which of the following best describes two factor
authentication security method using two verification steps
what is firewall network security sys that control traffic
use without consent under permitted
what does legitimate use under act mean condition
if fraud occurs due to banks system failure, what is
cutomers liability zero
physical site verification matching
transaction with activity, not to tip off
most important aspects to look for during EDD is computer

your credit card reward points are expiring soon!redeem

them now at [Link]. The link takes her
to a page that looks like her banks website asking her for
her card details. What red flag stands out the most all of the above
which of the following tools is commonly used in sbi to
prevent unauthorised access to sensitive data firewalls and intrustion detection system
full form of ncrp national cyber crime reporting portal
no sudden spurt in the transactions and
which of the following is not a characteristic of money account acitivity consistent with past
mule account history
john recieves an email that appears to be from his bank,
asking him to verify account information. The email
creates a sense of urgency stating that the account will be
suspended if he does not respond immediately. What
kind of cyber crime is this phishing
DPDP ACT primarily applies to which type of data personal data

physical call verification must necessarily be done with

geo tagging at the time of opening non individual current
account and also activating inoperative accounts no
which of the following data does the dpdp act not apply
to non personal data
how does dpdp act promote accountability in cyber appointing data protection officer for large
security scale processors

if a data principal withdraws consent, data fiduciary must stop processing personal data
while opening a current account branch obtains the
declaration/undertaking pertaining to credit facilities and
declaration by customer Annexure (V-A/V-B/V-C), AnnexureXXII
to prevent growth in inoperative accounts, Annexure B is
to be sent to account holders to ascertain the reason for
non operation in the account where the balance in the
account is no minimum threshold limit

Mr A receives a call from a so called CBI officer who

claims that illegal items have been found in his courier
packet. The caller puts Mr A under digital Arrest by
restricting his movements and also prevents him from
disconnecting the video call. The caller asks Mr A to Disconnect call and report to nearest cyber
deposit the penality. What should Mr A do crime police/ portal/1930
which CINB variant is to be provided to a proprietorship
account single user
if you suspect that your internet banking account has
been compromised what should you do first report it to bank and change the password

what is the primary purpose of SBI compensation policy to protect customers from financial loss due
for cyber frauds to unauthorised electronic transactions
data protection board has power to impose penalties for non compliance
what is one of the rights of a data principal under DPDP
act erasure of personal data
which department monitors digital payment transactions
on a real time basis DB&T
Cyberdost is the official social media handle of which
department I4C
VARIOUS WAY TO PROTECT DATA ARE all of the above
Meera is invited to seminar about real estate investing.
She is impressed by the speaker who claims to have made
millions. She is offered a spot in private club that buys
property abroad with min investment of Rs.25.00lacs The
presentor insists it is not available to general public. What
makes this suspicious all of the above
in case of delayed reporting beyond 7 working days what
is the consequences for the customer as per bank's board approved policy
what is the toll free number for reporting cyber frauds in
sbi 1800112211 or 18004253800

which of the following best describes strong password mix of letters, numbers and symbols
manipulating people to divulge confidential
what is social engineering info
which of the following is a cyber security obligation under
the DPDP act perform routine cyber audits
what is the storage limitation principle under the act store only as long as necessary
data records and media should be disposed off in as per circle instructions and banks waste
compliance with policy and IS policy
software designed to detect and remove
which of the following best describes antivirus software malicious programs

who is responsible for overseeing data governance in sbi chief data officer

abraham receives a call from narcotics department

informing him that his sister travelling abroad has been
caught carrying drugs in her bag at the airport. Abraham
gets tense at his sister was travelling to Dubai. The officer
from narcotics dept asks abraham to isolate himself in a Stay calm, call 1930/ report the same on
room for security reasons and immediately deposit Rs.50 the cybercrime portal be alert and
lacs as bail for his sister. What should abraham do disconnect the call immediately

what is the time limit within which sbi must resolve a

complaint about unauthorised transactions as per RBI 90days
according to sbi cyber security framework, which of the
following is a mandatory component of incident
management reporting and escalation
what is one of the key actions sbi advices to prevent cyber regularly update contact information and
frauds monitor accounts

as per the data governance policy data is classified into internal, public, confidential and sensitive
___ cell in circles is a dedicated cell dealing with UAED
transactions customer liability identification cell
under the DPDP act what must data fiduciaries implement
to prevent data breaches reasonable security safegaurds

which of the following is considered a contributory

negligence by a customer under SBI cyber fraud policy sharing OTP with a fraudster
if you receive a call from an unknown number which of
the following is the most trustworthy 1600xxx
which of the following is a key pillar of sbi cyber security
and data governance framework data encryption and access controls
maximum liability of a customer under UAED transaction
on credit card with limit above Rs.5lacs Rs.25000/-
__ is the helpline number launched by MHA for reporting
cyber crimes 1930

is the bank mis generating any digital transaction reports yes

the dpdp act madates entities to appoint a data
protection officer if they are significant data fiduciaries
what is the role of transaction monitoring system in to identify fraudlent or suspicious banking
corporate internet banking behaviour in real time
what standard does sbi follow for implementing its cyber
secuirty controls ISMS IS /IEC 27001
What is the primary objective of sbi data governance ensure integrity availability and
policy confidentiality of data

Tom receives a call from someone sounding like their

bank officer, warning of fraudlent activity and asking for
the [Link] call ID shows bank's real [Link] OTP is
shared and money is lost. What kind of scam is this vishing
pan number is what type of information confidential
individual to whom the personal data
who is referred to as a data principal relates

under rbi guidelines within how many working days

should a customer report an unauthorised transaction to
avoid liability in case of third party breach 3days
which of the following is not a ground for processing data
without consent marketing promotions
what is the main cyber security risk addressed by the
DPDP act unauthorised access or data leakage
consent under DPDP act must be explicit or infromed
via internal grievance redressal and appeal
how should grievances be addressed under the act to the board
time taken to report a fraudlent UAED transaction for
zero liability is within 3days
what ensures accountability in data usage under sbi data
governance framework appointing data steward and custodian
what is the max extent of penalty in DPDP act for failure
to take reasonable security safeguards to prevent data
breach upto 250crores

emilys debit card is declined at an atm and she notices

that the atm looks suspicious. She later discovers that her
card details have been [Link] is what kind of scam atm skimming
attempt to steal senisitive information via
what is phising fake emails
what is full form of dpdpa digital personal data protection act
spdi stands for sensitive personal data or information
what does data fiduciary mean under the act entity that processes personal data
PII stands for Personally identifiable information

Mitra receives a call from a man named James, claiming

to be from a reputed investment firm. He offers her an
opportunity to invest Rs.10000 with guaranteed 20%
a&c
return within 3 months. He pressurizes her to act quickly
saying that offer is about to close. He also sends her the
link of website that looks authentic and some documents
that look official. Which red flag stands out the most
Proactive risk management department uses which mail none of the above,
ID noreplyprmdlr@[Link]
encryption of personal data is an example of cyber security best practise
what is considered a personal data breach under the unauthorised access, disclosure or loss of
DPDP act personal data
veera receives an email that looks like its from her airline
royalty program. The logo is correct and it says she is
eligible for double points if she confirms her login
credentials. The email asks her to click a link and re enter
her login and password. How can veera verify the email call the airline using official contact
authenticity information
which platform can sbi customers use to report cyber sbi toll free help line branch or official
frauds website
data governance officer at circle level is DGM (Fin& Ops)