Multiple Choice Questions (MCQs) and

Fill-in-the-Blank Questions on Information

Technology Law in India
Note: The following questions and answers are based on the Information Technology Act,
2000 (as amended), related rules, and other applicable laws in India, relevant for the fictional
state of Bloomington, which follows Indian laws. The answers reflect provisions up to June
27, 2025, and are designed for LLB students preparing for academic or competitive exams
(e.g., UGC NET, AIBE).

Multiple Choice Questions (MCQs) with Answers

Basic Concepts and Definitions

1. The Information Technology Act, 2000, came into force on:

o A) October 17, 2000
o B) January 1, 2000
o C) April 1, 2001
o D) June 9, 2000
o Answer: A) October 17, 2000
o Explanation: The IT Act, 2000, was notified and enforced on October 17,
2000.
2. The primary objective of the IT Act, 2000, is to:
o A) Regulate taxation of e-commerce
o B) Provide legal recognition to electronic transactions
o C) Prohibit all cyber activities
o D) Regulate social media platforms
o Answer: B) Provide legal recognition to electronic transactions
o Explanation: Section 1(2) aims to facilitate e-commerce and e-governance by
recognizing electronic records.
3. The term ‘electronic record’ is defined under Section ____ of the IT Act, 2000.
o A) 2(1)(i)
o B) 2(1)(t)
o C) 2(1)(v)
o D) 3
o Answer: B) 2(1)(t)
o Explanation: Section 2(1)(t) defines electronic records as data generated or
stored electronically.
4. The authority responsible for issuing digital signature certificates is called:
o A) Controller of Certifying Authorities (CCA)
o B) Cyber Appellate Tribunal
o C) Adjudicating Officer
o D) Central Government
o Answer: A) Controller of Certifying Authorities (CCA)
o Explanation: Section 17 establishes the CCA to regulate certifying
authorities.
 5. The IT Act, 2000, applies to the whole of India except:
o A) Jammu and Kashmir
o B) Sikkim
o C) No exceptions
o D) Andaman and Nicobar Islands
o Answer: C) No exceptions
o Explanation: Post-2019, the IT Act applies uniformly across India, including
Jammu and Kashmir.

Digital Signatures and Electronic Governance

6. Legal recognition of electronic records is provided under Section:

o A) 3
o B) 4
o C) 5
o D) 6
o Answer: B) 4
o Explanation: Section 4 grants electronic records the same legal status as
paper records.
7. A digital signature is authenticated under Section ____ of the IT Act.
o A) 3
o B) 4
o C) 5
o D) 6
o Answer: A) 3
o Explanation: Section 3 provides for the authentication of electronic records
via digital signatures.
8. The use of electronic records in government functions is enabled under Section:
o A) 6
o B) 7
o C) 8
o D) 9
o Answer: A) 6
o Explanation: Section 6 promotes e-governance by allowing electronic filings.
9. A digital signature certificate can be suspended by the CCA under Section:
o A) 35
o B) 36
o C) 37
o D) 38
o Answer: C) 37
o Explanation: Section 37 allows suspension of a digital signature certificate
for valid reasons.
10. The validity period of a digital signature certificate is generally:
o A) 1 year
o B) 2 years
o C) 3 years
o D) 5 years
o Answer: B) 2 years
 o Explanation: As per CCA guidelines, digital signature certificates are
typically valid for 1–2 years.

Cybercrimes

11. Hacking as an offence is defined under Section ____ of the IT Act.

o A) 43
o B) 66
o C) 67
o D) 70
o Answer: B) 66
o Explanation: Section 66 addresses hacking with intent to cause wrongful loss
or damage.
12. Publishing obscene material in electronic form is punishable under Section:
o A) 66A
o B) 66E
o C) 67
o D) 67A
o Answer: C) 67
o Explanation: Section 67 penalizes publishing or transmitting obscene material
electronically.
13. The punishment for identity theft under Section 66C is:
o A) Imprisonment up to 1 year
o B) Imprisonment up to 3 years
o C) Imprisonment up to 5 years
o D) Imprisonment up to 7 years
o Answer: B) Imprisonment up to 3 years
o Explanation: Section 66C prescribes up to 3 years imprisonment and a fine up
to ₹1 lakh.
14. Tampering with computer source documents is an offence under Section:
o A) 65
o B) 66
o C) 66B
o D) 66D
o Answer: A) 65
o Explanation: Section 65 penalizes tampering with source code with up to 3
years imprisonment.
15. Violation of privacy by transmitting private images is punishable under Section:
o A) 66A
o B) 66E
o C) 67
o D) 67B
o Answer: B) 66E
o Explanation: Section 66E addresses the transmission of images of private
areas without consent.

Intermediary Liability

16. Intermediaries are defined under Section ____ of the IT Act.

 o A) 2(1)(u)
o B) 2(1)(w)
o C) 2(1)(z)
o D) 79
o Answer: B) 2(1)(w)
o Explanation: Section 2(1)(w) defines intermediaries like ISPs and social
media platforms.
17. Safe harbour protection for intermediaries is provided under Section:
o A) 66
o B) 79
o C) 80
o D) 81
o Answer: B) 79
o Explanation: Section 79 exempts intermediaries from liability if due diligence
is followed.
18. The IT (Intermediary Guidelines and Digital Media Ethics Code) Rules were
notified in:
o A) 2018
o B) 2019
o C) 2020
o D) 2021
o Answer: D) 2021
o Explanation: The IT Rules, 2021, regulate intermediaries and digital media.
19. Significant social media intermediaries must appoint a ____ under IT Rules,
2021.
o A) Chief Compliance Officer
o B) Data Protection Officer
o C) Cybercrime Investigator
o D) Legal Advisor
o Answer: A) Chief Compliance Officer
o Explanation: Rule 11 mandates significant intermediaries to appoint a CCO.
20. Intermediaries must remove unlawful content within ____ hours of a court
order.
o A) 24
o B) 36
o C) 48
o D) 72
o Answer: B) 36
o Explanation: IT Rules, 2021, require removal within 36 hours of a court or
government order.

Data Protection and Cybersecurity

21. The Digital Personal Data Protection Act was enacted in:
o A) 2020
o B) 2021
o C) 2022
o D) 2023
o Answer: D) 2023
 o Explanation: The DPDP Act, 2023, governs personal data protection in India.
22. A ‘Data Fiduciary’ under the DPDP Act, 2023, refers to an entity that:
o A) Collects user data without consent
o B) Determines the purpose and means of processing personal data
o C) Investigates cybercrimes
o D) Issues digital signatures
o Answer: B) Determines the purpose and means of processing personal data
o Explanation: Section 2(5) of the DPDP Act defines a data fiduciary.
23. The penalty for failing to protect personal data under the DPDP Act can be up
to:
o A) ₹50 crore
o B) ₹100 crore
o C) ₹250 crore
o D) ₹500 crore
o Answer: C) ₹250 crore
o Explanation: Section 33 of the DPDP Act imposes penalties up to ₹250 crore
for data breaches.
24. The Computer Emergency Response Team (CERT-In) operates under Section
____ of the IT Act.
o A) 70
o B) 70A
o C) 70B
o D) 71
o Answer: C) 70B
o Explanation: Section 70B establishes CERT-In to handle cybersecurity
incidents.
25. Under the DPDP Act, consent for data processing must be:
o A) Implied
o B) Free, specific, informed, and unambiguous
o C) Optional
o D) Automatic
o Answer: B) Free, specific, informed, and unambiguous
o Explanation: Section 6 requires explicit consent for data processing.

Adjudication and Appeals

26. Adjudicating Officers under the IT Act are appointed under Section:
o A) 46
o B) 47
o C) 48
o D) 49
o Answer: A) 46
o Explanation: Section 46 empowers officers to adjudicate IT Act
contraventions.
27. Appeals against Adjudicating Officers’ orders lie with the:
o A) High Court
o B) Supreme Court
o C) Cyber Appellate Tribunal
o D) District Court
 o Answer: C) Cyber Appellate Tribunal
o Explanation: Section 57 (repealed in 2017, but relevant for context) allowed
appeals to the Cyber Appellate Tribunal; now, appeals go to the TDSAT.
28. The limitation period for filing a complaint with the Adjudicating Officer is:
o A) 1 year
o B) 2 years
o C) 3 years
o D) 5 years
o Answer: C) 3 years
o Explanation: Section 46 aligns with the Limitation Act, 1963, for civil
wrongs.
29. The Cyber Appellate Tribunal was replaced by the ____ in 2017.
o A) National Consumer Disputes Redressal Commission
o B) Telecom Disputes Settlement and Appellate Tribunal (TDSAT)
o C) National Green Tribunal
o D) Central Administrative Tribunal
o Answer: B) Telecom Disputes Settlement and Appellate Tribunal (TDSAT)
o Explanation: The Finance Act, 2017, merged the Cyber Appellate Tribunal
with TDSAT.
30. The maximum compensation claimable under Section 43A for data breach is:
o A) ₹1 crore
o B) ₹5 crore
o C) No upper limit
o D) ₹10 crore
o Answer: C) No upper limit
o Explanation: Section 43A allows compensation without a cap for failure to
protect sensitive data.

Cybercrime Investigation and Penalties

31. The power to investigate cybercrimes under the IT Act lies with an officer not
below the rank of:
o A) Inspector
o B) Sub-Inspector
o C) Deputy Superintendent of Police
o D) Superintendent of Police
o Answer: A) Inspector
o Explanation: Section 78 requires an Inspector or above to investigate IT Act
offences.
32. The punishment for publishing sexually explicit material under Section 67A is:
o A) Up to 3 years
o B) Up to 5 years
o C) Up to 7 years
o D) Up to 2 years
o Answer: C) Up to 7 years
o Explanation: Section 67A prescribes up to 7 years for first offences and a
fine.
33. Offences under Section 66 are:
o A) Cognizable and bailable
 o B) Non-cognizable and non-bailable
o C) Cognizable and non-bailable
o D) Non-cognizable and bailable
o Answer: C) Cognizable and non-bailable
o Explanation: Section 77B classifies Section 66 offences as cognizable and
non-bailable.
34. The penalty for unauthorized access under Section 43 is up to:
o A) ₹1 lakh
o B) ₹5 lakh
o C) ₹10 lakh
o D) No limit
o Answer: B) ₹5 lakh
o Explanation: Section 43 allows compensation up to ₹5 crore, but individual
penalties are capped at ₹5 lakh.
35. Child pornography in electronic form is punishable under Section:
o A) 66E
o B) 67
o C) 67B
o D) 67C
o Answer: C) 67B
o Explanation: Section 67B specifically addresses child pornography with up to
7 years imprisonment.

Miscellaneous

36. The IT Act, 2000, overrides other laws as per Section:

o A) 79
o B) 80
o C) 81
o D) 82
o Answer: C) 81
o Explanation: Section 81 gives precedence to the IT Act unless inconsistent
with other laws.
37. The National Critical Information Infrastructure Protection Centre (NCIIPC) is
established under Section:
o A) 70
o B) 70A
o C) 70B
o D) 71
o Answer: B) 70A
o Explanation: Section 70A establishes NCIIPC to protect critical
infrastructure.
38. The IT (Reasonable Security Practices) Rules, 2011, apply to:
o A) Sensitive personal data
o B) All electronic records
o C) Only government data
o D) Financial data only
o Answer: A) Sensitive personal data
 o Explanation: The 2011 Rules regulate sensitive personal data or information
(SPDI).
39. The DPDP Act, 2023, establishes the ____ to oversee data protection.
o A) Data Protection Board
o B) Cyber Appellate Tribunal
o C) CERT-In
o D) CCA
o Answer: A) Data Protection Board
o Explanation: The DPDP Act creates the Data Protection Board for
enforcement.
40. The IT Act, 2000, was significantly amended in:
o A) 2006
o B) 2008
o C) 2010
o D) 2012
o Answer: B) 2008
o Explanation: The IT Amendment Act, 2008, introduced key provisions like
Sections 66A–67B.
41. Electronic evidence is admissible under Section ____ of the Indian Evidence Act,
1872.
o A) 65
o B) 65A
o C) 65B
o D) 66
o Answer: C) 65B
o Explanation: Section 65B governs the admissibility of electronic records with
a certificate.
42. The IT Rules, 2021, require intermediaries to trace the first originator of a
message within:
o A) 24 hours
o B) 48 hours
o C) 72 hours
o D) 7 days
o Answer: C) 72 hours
o Explanation: Rule 4(2) mandates tracing within 72 hours for significant
intermediaries.
43. The maximum fine for failure to furnish information under Section 45 is:
o A) ₹10,000
o B) ₹25,000
o C) ₹50,000
o D) ₹1,00,000
o Answer: B) ₹25,000
o Explanation: Section 45 imposes a fine up to ₹25,000 for residuary
contraventions.
44. The term ‘sensitive personal data’ includes:
o A) Passwords and financial information
o B) Name and address only
o C) Publicly available data
o D) General business data
 o Answer: A) Passwords and financial information
o Explanation: Rule 3 of the IT (Reasonable Security Practices) Rules, 2011,
defines SPDI.
45. The punishment for cyber terrorism under Section 66F is:
o A) Up to 3 years
o B) Up to 5 years
o C) Up to 7 years
o D) Imprisonment for life
o Answer: D) Imprisonment for life
o Explanation: Section 66F prescribes life imprisonment for cyber terrorism.
46. The IT Act, 2000, does NOT apply to:
o A) Electronic contracts
o B) Negotiable instruments (except cheques)
o C) E-commerce transactions
o D) Digital signatures
o Answer: B) Negotiable instruments (except cheques)
o Explanation: Section 1(4) excludes certain documents like negotiable
instruments.
47. The minimum age for a data principal under the DPDP Act, 2023, is:
o A) 16
o B) 18
o C) 21
o D) No age limit
o Answer: B) 18
o Explanation: The DPDP Act defines a data principal as an individual above
18, with provisions for guardians for minors.
48. The IT Act, 2000, is supplemented by rules notified under Section:
o A) 87
o B) 88
o C) 89
o D) 90
o Answer: A) 87
o Explanation: Section 87 empowers the Central Government to make rules.
49. The CERT-In Directions, 2022, mandate reporting of cybersecurity incidents
within:
o A) 6 hours
o B) 12 hours
o C) 24 hours
o D) 48 hours
o Answer: A) 6 hours
o Explanation: CERT-In Directions, 2022, require reporting within 6 hours.
50. The landmark case declaring Section 66A unconstitutional is:
o A) Shreya Singhal v. Union of India
o B) Anuradha Bhasin v. Union of India
o C) K.S. Puttaswamy v. Union of India
o D) M.C. Mehta v. Union of India
o Answer: A) Shreya Singhal v. Union of India
o Explanation: AIR 2015 SC 1523 struck down Section 66A for violating
Article 19(1)(a).
Fill-in-the-Blank Questions with Answers
1. The Information Technology Act, 2000, was enacted to provide legal recognition to
_______ transactions.
o Answer: Electronic
o Explanation: The Act facilitates e-commerce and e-governance.
2. The term ‘digital signature’ is defined under Section _______ of the IT Act.
o Answer: 2(1)(p)
o Explanation: Section 2(1)(p) defines digital signatures.
3. Hacking with the intent to cause wrongful loss is punishable under Section _______
of the IT Act.
o Answer: 66
o Explanation: Section 66 covers unauthorised access causing damage.
4. The penalty for publishing obscene material under Section 67 is imprisonment up to
_______ years for the first offence.
o Answer: 3
o Explanation: Section 67 prescribes up to 3 years and a fine up to ₹5 lakh.
5. Intermediaries are exempt from liability under Section _______ if due diligence is
followed.
o Answer: 79
o Explanation: Section 79 provides safe harbour protection.
6. The _______ Rules, 2021, regulate social media intermediaries and digital media.
o Answer: Information Technology (Intermediary Guidelines and Digital Media
Ethics Code)
o Explanation: Notified in February 2021.
7. The Digital Personal Data Protection Act was enacted in _______.
o Answer: 2023
o Explanation: The DPDP Act was passed in August 2023.
8. The maximum penalty for a data breach under the DPDP Act, 2023, is ₹_______
crore.
o Answer: 250
o Explanation: Section 33 imposes hefty penalties.
9. The _______ is responsible for handling cybersecurity incidents under Section 70B.
o Answer: CERT-In
o Explanation: Computer Emergency Response Team-India.
10. Adjudicating Officers under the IT Act have the powers of a _______ court.
o Answer: Civil
o Explanation: Section 46 grants civil court powers for adjudication.
11. Appeals against TDSAT orders lie with the _______ Court of India.
o Answer: Supreme
o Explanation: Post-2017, TDSAT appeals go to the Supreme Court.
12. The punishment for cyber terrorism under Section 66F is _______ imprisonment.
o Answer: Life
o Explanation: Section 66F is a stringent provision.
13. The IT Act excludes _______ from its applicability under Section 1(4).
o Answer: Negotiable instruments (except cheques)
o Explanation: Certain documents are excluded from the Act’s scope.
14. The _______ principle under the DPDP Act requires explicit consent for data
processing.
 o Answer: Consent
o Explanation: Section 6 emphasises informed consent.
15. The investigation of IT Act offences requires an officer of at least _______ rank.
o Answer: Inspector
o Explanation: Section 78 specifies Inspector or above.
16. The _______ case struck down Section 66A as unconstitutional.
o Answer: Shreya Singhal v. Union of India
o Explanation: AIR 2015 SC 1523.
17. The IT Rules, 2021, require significant intermediaries to appoint a _______ Officer.
o Answer: Chief Compliance
o Explanation: Rule 11 mandates a CCO.
18. Electronic evidence requires a certificate under Section _______ of the Indian
Evidence Act.
o Answer: 65B
o Explanation: Ensures the admissibility of electronic records.
19. The _______ protects critical information infrastructure under Section 70A.
o Answer: NCIIPC
o Explanation: National Critical Information Infrastructure Protection Centre.
20. The maximum fine under Section 45 for residuary contraventions is ₹_______.
o Answer: 25,000
o Explanation: Section 45 sets the penalty cap.

Notes for LLB Students

 Source Utilization: Questions are drawn from the IT Act, 2000, DPDP Act, 2023, IT
Rules, 2021, and case laws like Shreya Singhal v. Union of India (AIR 2015 SC 1523)
and K.S. Puttaswamy v. Union of India (2017) 10 SCC 1, aligning with UGC NET
and AIBE patterns.
 Preparation Tips: Combine with past papers (2012–2025) from UGC NET or AIBE,
as per your May 20, 2025, query. Practice under timed conditions and focus on key
sections (3, 4, 43, 66–67, 79) and DPDP Act provisions.
 Legal Relevance: Understand the interplay of the IT Act with IPC (e.g., cyber fraud
under Section 420) and the Evidence Act (Section 65B). Study landmark cases for
constitutional challenges (e.g., Article 19, 21).
 Further Resources: Refer to the Ministry of Electronics and IT website
(meity.gov.in), CERT-In guidelines, and texts like Dr. Farooq Ahmad’s “Cyber Law
in India” for deeper insights. Free resources are available on platforms like Testbook
or Studocu, but verify copyright compliance.

Limitations
Due to the vast scope of IT Law, this set covers core provisions but excludes niche areas like
blockchain regulation or AI-specific laws, which are emerging. If you need questions on
specific topics or more depth, please specify. For free PDF resources, check testbook.com or
studocu.com, as noted in your prior request.