
FOURTH MODULE - Merged


LESSON 1

Circle Data Governance Council (C-DGC) is headed by


DGM & CFO
GM NETWORK
DGM AND CDO
CIRCLE CGM

Data Governance Policy is applicable to


All employees of the Bank
All employees at Audit departments
All employees at Data Management Office
All employees at Corporate Centre

Master Data Management Process Includes ______


Create
Read
Modify & Delete
All of the Above

Which one of the following does NOT come under the People factor in Data Management practices?
Data Architects
Data Owners
Data Trainers
Data Stewards

Which activities are considered under Data Management?


Handling complete Data of Organisation
Boost up Organisation Performance
Assure Data quality
All of the above

Data Governance Policy is applicable to third parties having access to SBI network and Data.
As per Vendors agreement
FALSE
TRUE
Not declared in policy

Data Protection officer reports to …..


CGM (R&DB Ops)
GM & Chief Data Management Officer
CGM (Compliance)
Chief Vigilance Officer

Which among the following may be held accountable for quality of data?
People
Processes
Practices
Technology

Data Management that lacks easy access to information for important stakeholders may result in just _________
Data Governance Strategy
Big Data Strategy
Narrow Data Strategy
None of the Above

Apex level Data Governance Council (ADGC), is headed by


DMD COO
CHAIRMAN
CDMO
MD (R&DB)

The word “Data” shall collectively refer to the following descriptions:


Data that are stored or held in servers in SBI, Data storage devices and backup media
Data owned by the Bank which are securely stored/ managed by the third party.
Data owned by the Bank which is shared with the third party
All of the above

Inconsistent Data in Annual Income fields vis a vis customer profile may primarily result in ________
Incorrect AML/CFT compliance
Inefficient Cross-selling
Improper KYC
None of the Above

____ is the DGO of the Circle


DGM & CCO
DGM (Vigilance)
DGM & CFO
DGM & CRO

Poor Data Quality may result in ______


Inorganic Growth in Business
Increased Customer stickiness
Incorrect Regulatory Reporting
All of the Above

Capturing of incorrect / incomplete Data adversely affects:


Data Quality
Analytical Models
Both 1 & 2
Neither 1 nor 2

The prime objective of the Data Governance framework is to ensure:


Compliance with relevant legislation, regulatory requirements, policies, procedures and standards.
To define the roles and responsibilities for Data stakeholders, and to establish clear lines of accountability.
Effective assurance and control of Data management processes.
All of the above

What is the frequency of the meeting for Apex level Data Governance Council (ADGC)?
Monthly
Quarterly
Half yearly
Bi monthly

Data processes must also put in place ______


Analytical Processes
Co-ordination Processes
Monitoring Processes
All of the Above

Data Management Office reports to which of the DMDs


DMD & Group Compliance Officer
DMD & Chief Information Officer
DMD & Chief Risk Officer
DMD & Chief Operating Officer

Providing training to staff is one of the responsibilities of the Data Privacy Officer


FALSE
TRUE

Administrative office Data Governance Council (A-DGC), is headed by


RM
DGM (B&O)
AGM/CM GB
GM NETWORK

Data processes must include ____________
Definitions of how data will be stored
Definitions of how data will be analysed
Definitions of how data will be interpreted
All of the Above

Where does Data come from?


External Parties
Magically
Logs and devices
People, Process and Technology

Data processes must include ____________


Definitions of how data will be reported
Definitions of how data will be accessed
Definitions of how data will be interpreted
All of the Above

Data Governance Policy is formulated by which Department:


Data Management Office
Data Protection Office
Information Security Department
Compliance Department

Who would be held responsible for not feeding into CBS all the customer details given by the customer in the AOF?
BM
1 & 2
Checker
Maker

Which of the below helps in monitoring Data Governance Activities?


Data Process
Data Quality
Note
Dashboard

Data Governance can NOT be achieved by Technology alone.


TRUE
FALSE

What is the frequency of the meeting for Data Governance Council-Business Unit/ Vertical (DGC-BU/V)?
Bi monthly
Quarterly
Half yearly
Monthly

Data Governance process includes activities as:


Establish Data Governance Organisation
Define and Enforce Data Standard and Policies
Audit, Monitor & Control of Data Governance activities
All of the above

LESSON 2

Which of the following is not a type of Data leak?


Improper categorization of sensitive Data
Submission of monthly P-report to controller in hard copy
Unauthorized transfer of Data to USB devices
Loss or theft of laptops and mobile devices

Non-sensitive Information includes:


Public Information
Routine Business information
Both 1 & 2
None of the above

Capturing of incorrect interest rate in loan accounts may result in _____________.


Income leakage
Excess Income
Customer Complaints
All of the above

In ________________ processing, small groups of transactions are processed on demand


Virtual Time
System
Batch
Real Time

Which one is NOT an approved way of sharing granular Data/access Data under normal circumstances:
E-mail
Single Sign On (SSO)
Secured File Transfer Protocol (SFTP)
Active Directory login (ADS)

Project Ganga Dashboard includes divergences related to:


Key Risk Indicators (KRI) Only
Neither DQ nor KRI
Data Quality (DQ) Only
Both DQ & KRI

What are the different categories of Data Classification


SECRET, CONFIDENTIAL, INTERNAL, GENERAL
SENSITIVE, CONFIDENTIAL, INTERNAL, PUBLIC
SENSITIVE, CONFIDENTIAL, INTERNAL, GENERAL
SENSITIVE, CONFIDENTIAL, INTERNAL, EXTERNAL

Data quality is necessary to fulfil the needs of an organization in terms of


Operations
Planning
Decision-making
All of the above

Scope of Customer Sensitive Granular Data Sharing & Access Framework covers:
All the domestic & foreign offices
All SBI employees
All the third parties having access to SBI network and granular Data
All of the above

Business Leads from Analytics come under Customer Sensitive Granular Data
TRUE
FALSE

Some of the key Data Privacy initiatives include:


Wi-Fi encryption
Secure Cloud Data Storage system
Secured Network Access
All of the above

In an Account Opening Form, if Data has been provided by the customer in a non-mandatory field (like mobile number /em
Leave the field in CBS blank since it is non mandatory in CBS also
Input the Data exactly as given by the customer
Input partial / any similar Data without matching exactly as it is non mandatory in nature
All of the above

Non capturing of PAN in CIF, even if furnished in the AOF, may result in ________.
Deduction of Excess TDS
Non-reflection of TDS in Form 26 AS
Both 1 & 2
Neither 1 nor 2

Which portal is to be accessed for Data Loss Prevention (DLP) incidents?


Data Infringement Portal
Project Ganga Dashboard
DQI Dashboard
MIS Online

“Customer PII Data” is classified as ____________ Data


SENSITIVE
INTERNAL
CONFIDENTIAL
PUBLIC

A staff can be held accountable for Data quality errors.


TRUE
FALSE

What does GDPR stand for?


General Data Priority Regulation
Gross Data Protection Regulation
General Data Privacy Regulation
General Data Protection Regulation

Which of the following is true:


Data Governance is about the rules for how to build the content
Data Privacy is about the rules for how to protect and use the content
Data Loss Prevention (DLP) tool helps in ensuring Data Privacy
All of the above

A customer has submitted Voter Card as OVD, along with AOF. During the scrutiny, it was found that the age of custo
OVD has to be accepted, as it is a govt. document
OVD can be accepted
If one can vote, one is not a minor; the OVD should be accepted
DOB on OVD and AOF, if same, then only account may be opened

If a car dealer asks us for a list of customers having existing car loans, to market loans for new cars for us, shall we sh
May be shared by the Field Officer
May be shared by the Branch Manager
Either 1 or 2
Cannot be shared

Incorrect classification of values like Gender or Customer Type comes under which one of the following Data Quality
Accuracy
Validity
Consistency
Completeness

“Internal audit reports” is classified as ____________ Data


SENSITIVE
PUBLIC
CONFIDENTIAL
INTERNAL

“SBI telephone directory” is classified as ____________ Data


SENSITIVE
INTERNAL
PUBLIC
CONFIDENTIAL

Capturing of incorrect CRA rating / ECR in a loan account may result in ______.
Incorrect Interest Rate
Incorrect Risk weight
Both 1 & 2
Neither 1 nor 2

The best principles for improving Data Quality include(s)


Doing the things right at very first instance
Doing the right things every time
Either 1 or 2
Both 1 & 2 above

What are the impacts of feeding an incorrect date of birth of a customer in CBS?
Incorrect Customer profile
Customer would not be able to reset his INB password
1 & 2
No Impact

Sharing of Data with external agencies is governed by
SOP on Data Loss Prevention
SOP on Data Sharing with External agencies/third parties
SOP on Data Infringement
SOP on Customer Sensitive Granular Data Sharing

What are the two important pillars of the SOP on ‘Customer Sensitive Granular Data Sharing and Access – Within Ban
Regulated & Limited access
Restricted & Registered access
Free & Uncontrolled access
None of the above

In case of a demand for customer Data by a Regulatory Authority, it is to be shared as per the DG Policy
FALSE
TRUE

Salient features of Project Ganga include:


Customer One view
Business Unit wise error classification
Circle-wise error classification
All of the above

LESSON 3

What is a Denial of Service Attack?


A type of attack whereby malicious commands are sent to a system/application through unauthorized channels.
It is a malicious attempt to disrupt the normal traffic of a targeted server, service or network with a flood of Internet tra
It is an attack meant to shut down a machine or network, making it inaccessible to its intended users
An attack used to monitor and potentially modify communications between two users.

Which one of the following is a precaution to be taken while operating the ATM?
Taking help from unknown persons if there is a problem with the ATM
Allowing another person to watch while entering the PIN
Handing the card to another person who offers help to operate the ATM
Check if any extra suspicious device is attached to the ATM machine.

Which of the following is not a stage in SIM swapping?


After customer verification, the mobile operator deactivates the old SIM card in customer possession and issues a new
Fraudsters obtain customer’s personal data through phishing or social engineering.
Under the pretext of having lost the phone, fraudsters contact the Mobile operator and create a fake ID.
All the options above are stages of SIM Swapping

Select the correct statement about the impact of Cyber Risks.


The impact on the services or the potential of the attack infecting our customers’ systems.
Loss of Intellectual Property
financial cost in managing a cyber-attack
All are true

__________ malware is a warning-like popup or reminder in a Laptop/PC/Mobile?


Keylogger
Scareware
Fileless
Spyware

Which of the following statements about Confidentiality, the first element of the CIA Triad, is/are correct?
a. Confidentiality is the concept of the measures used to ensure the protection of the secrecy of data, objects, or resour
b. The goal of confidentiality protection is to prevent unauthorized access to the information.
c. Confidentiality focuses security measures on ensuring that none other than the sender of a message is able to read it.
d. Secure encryption of the information ensures Confidentiality.
Only a and b
a, b and c
a, c and d
a, b and d

What is not true about SIM Swapping?


SIM Swapping is a fraud that occurs when the fraudsters manage to get a new SIM card issued for a specific registered m
Phishing or social engineering techniques are used to obtain personal information of the customers/users.
Fraudsters get access to the root of the mobile phone through SIM Swapping
Option b & c

With the enhanced sharing of information over a global network for almost all life functions, which one of the follow
Authentication
Non-repudiation
Authorization
Non-refutation

What is not true about myths associated with Cyber Risk?


Cyber threat always starts externally
The IT team alone is not responsible for Cyber Security
Compliance and security are the same
Cyber security is an issue which is related with technology

How does the use of Virtual keyboard protect the customer?


It is a useless feature
It protects against Keylogger malware
It protects against computer Viruses
It protects against computer Worms.

Which one of the following is the leading illicit dark web marketplace which was taken down by the FBI in what was
Silk Road 2.0
DisrupTor
Tor
Dark Market

The technique for sending SMS that appears to be initiated from the organization for KYC updation, Account credit, A
Vishing
Spoofing
Steganography
Identity theft

The technique used to send the emails to all the employees of the Bank is known as ____________.
Smishing
Vishing
Phishing
Spear Phishing

Cyber-attacks that originate through a third-party vendor are also called ________?
Service provider attacks
Supplier attacks
Supply chain attacks
Vendor attacks

What makes the SolarWinds attack an unusual hack?


The hackers through one malicious code in the application of SolarWinds vendor’s application gained access to Orion so
The hackers targeted a government agency like the Pentagon
The hackers seriously damaged the energy supply
The hackers through one malicious code in SolarWinds Orion software gained access to thousands of other companies.

Your friend fears that he has shared the user credentials of OnlineSBI with a stranger. It is a Sunday and Bank is close
Change the password
Lock User access using the relevant link
Contact the Branch on Monday to deactivate INB facility
Type an incorrect login password 4 times so that the username gets locked for a day

Even if a user compromises his/her login credentials of OnlineSBI, no one can login using this credential. What is the
Audio Captcha in the login screen.
Virtual keyboard in the login screen
OTP has been made mandatory at the time of login
Image based Captcha in the login screen

Which one of the following is NOT a type of MITM attack?


DNS Spoofing
Logic Bomb
IP Spoofing
Wi-fi eavesdropping

Which of the following statements about Integrity, the second element of the CIA Triad, is/are correct?
a. Integrity is the concept of protecting the accuracy and completeness of information and processing methods.
b. Integrity protection prevents any kind of alteration of the information.
c. Properly implemented integrity protection provides a means for authorized changes while protecting against intende
omission).
d. Use of a secure hashing algorithm for the information ensures Integrity.
Only a and b
a, b and c
a, c and d
a, b and d
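The two CIA Triad questions above (encryption for Confidentiality, hashing for Integrity) are easy to over-read as "encrypt it and it is safe". The following is an added example, not part of the original module, that shows in code why the two properties are separate and why a keyed MAC rather than a bare hash is what actually gives Integrity against an attacker. The loan record, the keys and the SHA-256 counter-mode keystream are constructed for the demo; the keystream is a toy stand-in for a stream cipher, used only to make the bit-flip property visible, and is not a cipher to deploy.

```python
import hashlib
import hmac

# Constructed sample loan record for the demo (not real data).
RECORD = b"acct=000000000001;amount=1500.00;rate=8.50"
ENC_KEY = b"demo-encryption-key-0001"   # assumed demo keys; real keys come from a KMS/HSM
MAC_KEY = b"demo-mac-key-0001"


def keystream(key: bytes, length: int) -> bytes:
    """Toy keystream (SHA-256 in counter mode) for the demo only; not a production cipher."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:length]


def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Stream-cipher style XOR. Hides the content (confidentiality) but is malleable:
    flipping a ciphertext bit flips the same plaintext bit, and nothing detects it."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def bitflip(ciphertext: bytes, offset: int, old: bytes, new: bytes) -> bytes:
    """Attacker step: turn plaintext bytes `old` at `offset` into `new` without the key."""
    ct = bytearray(ciphertext)
    for i, (o, n) in enumerate(zip(old, new)):
        ct[offset + i] ^= o ^ n
    return bytes(ct)


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def hmac_hex(key: bytes, data: bytes) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_hash(data: bytes, digest: str) -> bool:
    return hmac.compare_digest(sha256_hex(data), digest)


def verify_hmac(key: bytes, data: bytes, tag: str) -> bool:
    # compare_digest avoids leaking the tag through timing differences
    return hmac.compare_digest(hmac_hex(key, data), tag)


def demo() -> dict:
    results = {}
    ct = xor_crypt(ENC_KEY, RECORD)

    # 1. Confidentiality alone: the attacker cannot read the record, yet can still
    #    change "rate=8.50" to "rate=0.50" by flipping ciphertext bits.
    off = RECORD.index(b"rate=") + len(b"rate=")
    tampered = xor_crypt(ENC_KEY, bitflip(ct, off, b"8", b"0"))
    results["encryption_alone_allows_tamper"] = tampered == RECORD.replace(b"rate=8.50", b"rate=0.50")

    # 2. Unkeyed hash: catches the change only if the digest is stored out of the
    #    attacker's reach; whoever can rewrite the record can also rewrite the digest.
    digest = sha256_hex(RECORD)
    results["hash_detects_change"] = not verify_hash(tampered, digest)
    results["hash_forgeable_with_record"] = verify_hash(tampered, sha256_hex(tampered))

    # 3. Keyed MAC: both verifying and forging a tag need MAC_KEY, which the attacker lacks.
    tag = hmac_hex(MAC_KEY, RECORD)
    results["hmac_accepts_original"] = verify_hmac(MAC_KEY, RECORD, tag)
    results["hmac_rejects_tamper"] = not verify_hmac(MAC_KEY, tampered, tag)
    results["hmac_rejects_wrong_key_forgery"] = not verify_hmac(
        MAC_KEY, tampered, hmac_hex(b"attacker-guessed-key", tampered))
    return results


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Every entry of the returned dict is True: encryption changed nothing about the attacker's ability to alter the interest rate, the plain hash is only as trustworthy as the place it is stored, and the HMAC is the check that fails for the forged record. In practice an authenticated-encryption mode (AES-GCM or ChaCha20-Poly1305) bundles the two properties so they cannot be deployed one without the other.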

Which of the following browsers allows access to the Network which is popular for implementing encrypted routing
Chrome
Edge
Tor
Firefox

The fraudster gets the personal details of the people through _______technique.
Spoofing
Keylogger malware
Vishing
Social engineering

Which of the following is not an example of data?
Employees information
Customer Information
Official conversation over phone
All are examples of data

Which one is not an option for disabling UPI services?


YONO Main Screen UPI Enable/Disable UPI
CBS App menu UPI Disable/Re-enable UPI
Contact Centre: 1800112211/18004253800
Branch Interface (Maker-Checker Concept)

Ajit is doing a merchant transaction to pay the mobile bill. He selects net banking of SBI for making online payment. H
It should start with https://www.retail.onlinesbi.com
It should start with https://www.merchant.onlinesbi.sbi
It should start with https://www.onlinesbi.com
It should start with https://www.retailmerchant.sbi
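Whichever of the four hostnames above is the genuine one, the check that protects Ajit is the same: the scheme must be https and the host component, after stripping any userinfo and port, must exactly equal an allowlisted name. Substring tests ("does the link contain onlinesbi") are what phishing kits are built to pass. The following is an added example, not code from the page or from SBI; the TRUSTED_HOSTS allowlist is an assumption taken from the quiz options for illustration and the sample links are constructed, so confirm the real hostnames from the bank's official channels before relying on it.

```python
from urllib.parse import urlsplit

# Assumed allowlist for this example, taken from the quiz options above;
# confirm the genuine hostnames from an official source before using it.
TRUSTED_HOSTS = frozenset({
    "www.onlinesbi.sbi",
    "retail.onlinesbi.sbi",
    "merchant.onlinesbi.sbi",
})


def is_trusted_login_url(url: str) -> bool:
    """True only for https URLs whose host exactly matches the allowlist.

    Uses .hostname rather than string searching so the usual phishing tricks fail:
    userinfo ('https://www.onlinesbi.sbi@203.0.113.5/'), a trusted name used as a
    subdomain of an attacker's domain, look-alike characters, or a bare http:// page.
    """
    try:
        parts = urlsplit(url.strip())
    except ValueError:          # e.g. malformed IPv6 literal
        return False
    if parts.scheme.lower() != "https":
        return False
    host = parts.hostname      # strips userinfo and port, lower-cases
    if not host:
        return False
    return host in TRUSTED_HOSTS   # exact match; never 'in url' or endswith()


# Constructed sample links of the kind that arrive by SMS or e-mail (not real sites).
SAMPLE_LINKS = [
    "https://www.onlinesbi.sbi/retail/login",
    "https://merchant.onlinesbi.sbi:443/merchant/pay",
    "http://www.onlinesbi.sbi/retail/login",                 # no TLS
    "https://www.onlinesbi.sbi.kyc-update.example/login",    # trusted name as a subdomain
    "https://www.onlinesbi.sbi@203.0.113.5/login",           # userinfo trick
    "https://www.onlinesbi-secure.example/",                 # look-alike name
    "https://www.onlinesbі.sbi/",                            # Cyrillic 'і' in the name
    "javascript:alert(1)",
]


def classify(links):
    """Map each link to its verdict, for display or for a mail/SMS filter."""
    return {link: is_trusted_login_url(link) for link in links}


if __name__ == "__main__":
    for link, ok in classify(SAMPLE_LINKS).items():
        print(("TRUSTED " if ok else "REJECT  ") + link)
```

Only the first two sample links pass. The same rule applies to the "verify the full URL" advice later in this module: the thing to read is the host between the scheme and the first slash, not whether a familiar word appears somewhere in the link.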

If you want to change the username and password for your SBI Internet banking, which of the following statements i
You cannot change the Username, but you can change the password at any time
You can change the Username but not the password
You can only interchange the username by the password and vice versa
You can change both the Username and password at any time

Which one of the following statements is false?


Organizations use Bulk SMS service for marketing and communications.
Bulk SMS simply means sending a large volume or quantity of SMS
Bulk SMS is sending SMS from mobile to many people.
The user’s response to bulk SMS can compromise their identities.

A Cyber-Attack
is not limited to stealing, altering or destroying the systems/network, disrupting operations and causing information or
is a targeted assault on the Bank’s cyberspace and its underlying infrastructure systems
option a or b
option a & b

_____________is used for obtaining unauthorized access to mobile phones via Bluetooth connection. Once such a co
Man in the Middle attack
Bluesnarfing
Steganography
Spoofing

Which one of the following statements is FALSE about APT attacks?
A type of cyberattack where an unauthorized attacker code enters a system and remains there.
APT attacks may help the attacker in stealing information
APT attacks may be identified immediately as they shut down the whole system
In APT attacks, attacker code may spread into other machines in the victim’s network and compromise them.

SBI internet banking site provides a facility to bypass such keylogger malware. Identify the feature.
Audio Captcha
Image Captcha
Online Virtual Keyboard
Biometric access

LESSON 4

1
Which one of the following is the most important aspect for an organization as big and global as SBI to protect itself f
A training program for all the vendors to underscore secure coding practices.
A training and awareness program for all the employees in the Information Security department.
An awareness program among all the customers to provide education and guidance on a range of topics, including ema
A training awareness program that would provide education and guidance on a range of information security topics to a

2
Who is primarily responsible for reporting cyber security incidents?
Deputy General Manager (AC) at LHO
ATM Channel Manager
Branch Manager
Regional Manager (RBO)

3
Which one of the following options does not substantiate the Acceptable Usage Policy of our Bank?
We need to protect the data by following acceptable usage policy guidelines of our bank.
All the workstations / devices should be protected by strong passwords.
However, Mobile and laptop given to the staff for personal holding have exceptions to the policy.
Always lock your desktop while leaving your seat.

4
Which of the following statements is NOT correct in the WannaCry case?
A Windows vulnerability discovered by the United States National Security Agency (NSA).
After the system got affected by WannaCry, Microsoft released the patch for the system which has updated security.
The attacker collective was called the Lazarus Group.
This was only one month after Windows released patches for the exploit, meaning that computers that had yet to upda

5
Identify some of the risks involved in using public free WiFi.
All of the above statements are correct
It can expose the users to Man-in-the-middle attacks
The free WiFi could be a rogue network, harvesting the internet user’s data.
Hackers may be misusing the free Wi-Fi to distribute malware

6
Websites use CAPTCHA to prevent password guessing by automated tools, i.e. to protect against a _______.
Shoulder surfing
Dictionary Attack
Brute-force Attack
Guessing
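The CAPTCHA question above and the earlier Online SBI question (one option suggests deliberately typing a wrong password four times so the username gets locked for a day) both rest on the same server-side mechanism: counting failed logins per username and refusing further attempts once a threshold is crossed. The following is an added example of such a guard, not code from the page or from SBI; the four-failure threshold and one-day lock are taken from the quiz wording, while the 15-minute counting window, the injectable clock and the sample account are assumptions of the example.

```python
import time
from collections import defaultdict, deque

MAX_FAILURES = 4             # from the quiz: 4 wrong passwords lock the username
LOCK_SECONDS = 24 * 60 * 60  # from the quiz: locked "for a day"
WINDOW_SECONDS = 15 * 60     # assumed: failures older than this no longer count


class LoginGuard:
    """Per-username failed-login counter with a hard lockout.

    `now` is injectable so the behaviour can be tested without sleeping.
    """

    def __init__(self, now=time.time):
        self._now = now
        self._failures = defaultdict(deque)  # username -> timestamps of recent failures
        self._locked_until = {}              # username -> unix time the lock expires

    def is_locked(self, username: str) -> bool:
        until = self._locked_until.get(username)
        if until is None:
            return False
        if self._now() >= until:             # lock expired: forget the history
            del self._locked_until[username]
            self._failures.pop(username, None)
            return False
        return True

    def record_failure(self, username: str) -> bool:
        """Record a wrong password; return True if this failure triggered the lock."""
        if self.is_locked(username):
            return False
        now = self._now()
        recent = self._failures[username]
        recent.append(now)
        while recent and now - recent[0] > WINDOW_SECONDS:   # drop stale failures
            recent.popleft()
        if len(recent) >= MAX_FAILURES:
            self._locked_until[username] = now + LOCK_SECONDS
            recent.clear()
            return True
        return False

    def record_success(self, username: str) -> None:
        self._failures.pop(username, None)


def attempt_login(guard: LoginGuard, username: str, password: str, real_password: str) -> str:
    """Outcome of one login attempt: 'locked', 'ok' or 'denied'."""
    if guard.is_locked(username):
        return "locked"
    if password == real_password:   # stand-in for a proper password-hash comparison
        guard.record_success(username)
        return "ok"
    guard.record_failure(username)
    return "denied"


def demo() -> dict:
    clock = [1_700_000_000.0]                  # fake clock so the demo is deterministic
    guard = LoginGuard(now=lambda: clock[0])
    user, real_pw = "customer01", "correct horse battery staple"   # constructed sample
    outcomes = []
    # An attacker (or the account holder, as the quiz option suggests) tries four guesses.
    for guess in ["123456", "password", "customer01", "qwerty"]:
        outcomes.append(attempt_login(guard, user, guess, real_pw))
    # Even the correct password is refused now ...
    refused = attempt_login(guard, user, real_pw, real_pw)
    # ... until the lock expires a day later.
    clock[0] += LOCK_SECONDS
    accepted = attempt_login(guard, user, real_pw, real_pw)
    return {"outcomes": outcomes, "refused_while_locked": refused,
            "accepted_after_expiry": accepted}


if __name__ == "__main__":
    print(demo())
```

The demo also shows the trade-off hidden in that quiz option: a lock keyed only on the username lets anyone who knows the username deny the real customer access for a day. Production login paths therefore combine the per-account counter with per-source throttling, a CAPTCHA after the first few failures, a short back-off rather than a day-long hard lock, and a notification to the account holder.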

7
Which one of the following options is not a concern for password security?
In case of any breach in a Social Media Handle, delete your Social Media Account instead of changing the password.
Password is required to be sufficiently long and secret
Users are responsible for all activities originated from their User credentials
Password should be treated like signature

8
Which of the following incident(s) should be reported to RBI, CERT-In & NCIIPC?
All cyber incidents irrespective of amount of loss
Phishing / Vishing attacks on customers resulting in a cumulative loss for the customer(s) exceeding ₹ 50 lakh
All incidents which lead to customer service disruptions due to non-availability of IT systems
All of the above

9
If a Bank always allows some of the employees to bring their own laptops, smart phones, tablets etc. to office for offic
Bring Your Own Desktop
Bring Your Own Device
Buy Your Own Device
Budget Your Own Device

10
Can we create the password in other regional language (Other than English and Hindi) in Retail Internet Banking?
You can use the multilingual image based virtual keyboard in Hindi or English only.
The multilingual image based virtual keyboard is available in 13 languages.
You can use the multilingual image based virtual keyboard in Hindi or Tamil only
The multilingual image based virtual keyboard is available in Hindi , Tamil, Oriya or Marathi only

11
Pick the odd one.
Passwords should be complex, sufficiently long and secret.
Passwords must be created using small & upper case, when own name or short form of own name and own initials are
Users are responsible for all activities originating from their user credentials.
Passwords should not be treated like signatures.

12
Select the wrong statement about the Acceptable usage policy (IS Policy) of our Bank?
Users should not install any software that is not authorized for the Bank’s business.
Users on whose PC / Server such software runs shall be solely responsible for Copyrights / IPR violation, Legal and Pena
Successful backup of critical applications or data should be ensured yearly and to be kept offsite.
All are true

13
Which of the following statements is not true about Acceptable usage policy (IS Policy) of our Bank?
Employees, to whom State Bank owned laptops or any other Portable devices are issued, are responsible for its safe cu
Employees who are authorized to access emails and Bank’s data on mobile devices should ensure that MDM application
Employee’s mobile devices need not have Antivirus software
Loss of portable devices should be reported immediately to the local police and to the appropriate authority.

14
What action will you take, when you are defrauded?
Change the username immediately
Lock the user access immediately
Send a written letter to the branch immediately
Write a letter to the RBI immediately

15
The company asked their employees to use their own devices and internet access while working from home. List som
devices of the employees (iii) Asking the employees to use enterprise VPN
Options (i) and (ii) are sufficient
Option (i) alone is sufficient
Options (i), (ii) and (iii) are necessary
Option (ii) alone is sufficient

16
Which of the following options is NOT a best password security practice?
Enable two-factor authentication
Never completely trust service providers
Change your password, only if you suspect it may have been exposed
Never reuse a password

17
Which one of the following options is not considered an incident for reporting to RBI, NCIIPC and CERT-In?
Frauds/ Customer complaints related to frauds.
Accounting/clerical errors (incorrect ledger posting – cr/dr) that are rectified subsequently.
DoS/DDoS attack not lasting beyond 30 minutes contiguously or not impacting the customer service/digital channels ev
All of the above

18
Which of the following statements is correct regarding creation of Profile password using the Multilingual Image bas
The Profile password should be a combination of alphabets in two of the languages chosen
The Profile password should be a combination of alphabets (in the language chosen), and numerals and special charact
The Profile password should be a combination of alphabets (in the language chosen), and numerals and images
The Profile password should be a combination of alphabets (in the language chosen) and numerals

19
Which one of the following applications is not a threat to compromise confidentiality of the data of portable devices
Facebook
Air watch agent
WhatsApp
True caller

20
What are the ways you can report an unauthorised transaction (ATM) without visiting the branch?
Call dedicated number 1800 1111 09 also Can raise through https://crcf.sbi.co.in
Call the Branch
Call ATM Channel Manager OR ATM Channel Manager Facilitator linked to the ATM
Option a or c

21
Which of the following steps would not be a part of the planning for Work from home?
Ensuring the physical access to the systems room is restricted and monitored
Providing connectivity through a reputed service provider
Installing Anti-Virus in these systems
Arranging official laptops with proper configuration for the employees

22
Which of the following will not be considered as cyber incidents for reporting to RBI?
Incorrect accounting entries that are rectified subsequently
All the options will not be considered
Customer complaints related to frauds.
Physical tampering of ATMs

23
Select the correct statement in this case.
Ransomware Malware uses simple encryption codes to encrypt a victim’s files.
The patches could not stop the spreading malware
The motive for this Ransomware attack is always monetary
Ransomware Malware affects more devices in less time.

24
Which one of the following options is NOT a violation of acceptable usage policy?
The laptop was not protected by password
The laptop was kept open, and the desktop was not locked
There was a breach of critical and confidential data.
There was a data vulnerability due to lack of Anti-virus

25
What are the timelines for reporting of cyber incidents to RBI and other Statutory Authorities CERT-In & NCIIPC? Who
All cyber security incidents should be reported within 24 hours by Incident Response & Management Team
All cyber security incidents should be reported within 12 hours by Incident Response & Management Team
All cyber security incidents should be reported within 2 to 6 hours by Incident Response & Management Team
All cyber security incidents should be reported within 24 to 48 hours by Incident Response & Management Team

26
Which of the following options is an example of inappropriate use of the e-mail service?
Use of other officers' user ids or using a false identity.
Authorized exchange of proprietary information or confidential information
Use the accounts of others with their permission
Creation and exchange of e-mails information or content for official purpose.

27
Cyber security incidents can be reported
by any employee or public
by home branch only
by public
by any employee

28
Method that is NOT suggested to prevent new account fraud.
Ensure ATM Card connected to operational SB Account is blocked
Contact the bank immediately and ensure all the operating accounts are closed
Ensure to lock the internet banking user ID.
Applying the use of end-to-end encryption to protect online transactions.

29
What should be the minimum and maximum length of the login password in Retail Internet Banking?
Minimum length should be 6 characters and maximum length 15 characters
Minimum length should be 8 characters and maximum length 20 characters
Minimum length should be 6 characters and maximum length 20 characters
Minimum length should be 8 characters and maximum length 15 characters

30
Select the wrong statement.
For online meetings, Manage screen sharing options. Change screen sharing to “Host Only.” Avoid file sharing
Do not play online games on company devices as they may download trojans.
Secure your Wi-Fi router connections by enabling WPA2 + AES security
For web security, verify the full URL by clicking the link, but do not give any personal/confidential information

DATA GOVERNANCE & CYBER SECURITY MODULE 4

Q: Method that is NOT suggested to prevent new account fraud.


A: Contact the bank immediately and ensure all the operating accounts are closed

Q: Can we create the password in other regional language (Other than English and
Hindi) in Retail Internet Banking?
A: You can use the multilingual image based virtual keyboard in Hindi or English
only.

Q: Which one of the following options is not a violation of acceptable usage policy?
A: Receiving mails from his batchmate

Q: Impacts of Cyber risks are _________________
A: All of the above

Q: What is the “Time of detection of incident” for reporting the purpose of a cyber
incident to RBI, CERT-In & NCIIPC?

A: Time at which, the incident is brought to the knowledge of any official of AO,
including DGM & Module CISO

Q: Which of the following options is NOT a good wi-fi security practice?


A: You can use unsecure or open Wi-Fi for official purposes in case of emergency

Q: Pick the odd one.


A: Passwords should not be treated like signatures.

Q: Select the wrong statement.


A: It is not necessary to inform your organization always, if you come across any
discrepancies.

Q: As part of IS awareness and commemoration of Computer Security Day, SBI did NOT organize which one of the following activities?
A: Cold calling all the employees

Q: “Ransomware” can be spread through _____________?
A: Option 1 and 2

Q: Who can report cyber incidents to Information Security Department (ISD)?


A: Anyone who knows about cyber incidents including general public

Q: Which of the following statements is correct regarding creation of Profile password using the Multilingual Image based Virtual keyboard?
A: The Profile password should be a combination of alphabets (in the language chosen), and numerals and special characters

Q: Which of the following is NOT one of the best practices to maintain your
password?
A: Only difficult dictionary words should be used

Q: Customer reported an unauthorised UPI transaction of Rs.72,000/- in his account. He reported the incident on the same day to the bank. The bank is not able to establish customer negligence even after completion of 90 days from the date of complaint. As per Limiting Liability of customer guidelines, how much amount does the Bank need to pay to the customer in this situation?
A: Rs.72,000/-

Q: Select the wrong statement about the Acceptable usage policy (IS Policy) of our
Bank?
A: Successful backup of critical applications or data should be ensured yearly and to
be kept offsite.

Q: The time at which the cyber incident is brought to the knowledge of any official of
__________ shall be treated as time of detection of incident.
A: Information Security Dept. CC Mumbai

Q: Select the wrong statement about Desktop / Laptops /Workstations Usage?


A: Create a shortcut of a document/file instead of copying it on the desktop

Q: Cyber security incidents can be reported


A: by any employee or public

Q: Which of the following options is crucial in any UPI fraud related to Collect
request?
A: option a & b

Q: Which of the following options is NOT a best password security practice?
A: Change your password, only if you suspect it may have been exposed

Q: Which one of the following is the most important aspect for an organization as big
and global as SBI to protect itself from cyber security attacks and subsequent loss of
brand image?
A: A training awareness program that would provide education and guidance on a
range of information security topics to all the internal users of its systems and
applications.

Q: Which one of the following options does not substantiate the Acceptable Usage Policy of our Bank?
A: However, Mobile and laptop given to the staff for personal holding have exceptions to the policy.

Q: Which of the following statements is NOT correct in the WannaCry case?


A: The attackers collective called The Lazarus Group.

Q: Identify some of the risks involved in using public free WiFi.


A: All of the above statements are correct

Q: Websites use CAPTCHA to avoid password guessing by automated tools to prevent from _______.
A: Dictionary Attack

Q: Which one of the following options is not a concern for password security?
A: In case of any breach in a Social Media Handle, delete your Social Media Account instead of changing the password.

Q: Which of the following incident(s) should be reported to RBI, CERT-In & NCIIPC?
A: All of the above

Q: If a Bank always allows some of the employees to bring their own laptops, smart phones, tablets etc. to office for office use
A: Bring Your Own Device

Q: Can we create the password in other regional language (Other than English and Hindi) in Retail Internet Banking?
A: You can use the multilingual image based virtual keyboard in Hindi or English only.

Q: Pick the odd one.
A: Passwords should not be treated like signatures.

Q: Select the wrong statement about the Acceptable usage policy (IS Policy) of our Bank?
A: All are true

Q: Which of the following statements is not true about Acceptable usage policy (IS Policy) of our Bank?
A: Employee’s mobile devices need not have Antivirus software

Q: What action will you take, when you are defrauded?
A: Lock the user access immediately

Q: The company asked their employees to use their own devices and internet access while working from home. List some devices of the employees (iii) Asking the employees to use enterprise VPN
A: Options (i) , (ii) and (iii) are necessary

Q: Which one of the following options is not considered as incident for reporting to RBI, NCIIPC and CERT-In?
A: All of the above

Q: Which of the following statements is correct regarding creation of Profile password using the Multilingual Image based
A: The Profile password should be a combination of alphabets (in the language chosen), and numerals and special characters

Q: Which one of the following applications is not a threat to compromise confidentiality of the data of portable devices?
A: Air watch agent

Q: What are the ways you can report an unauthorised transaction (ATM) without visiting the branch?
A: Call dedicated number 1800 1111 09 also Can raise through https://crcf.sbi.co.in

Q: Which of the following steps would not be a part of the planning for Work from home?
A: Ensuring the physical access to the systems room is restricted and monitored

Q: Which one of the following options is NOT a violation of acceptable usage policy?
A: There was a data vulnerability due to lack of Anti-virus

Q: What are the timelines for reporting of cyber incidents to RBI and other Statutory Authorities CERT-In & NCIIPC? Who
A: All cyber security incidents should be reported within 2 to 6 hours by Incident Response & Management Team

Q: Which of the following options is an example of inappropriate use of the e-mail service?
A: Use of other officers' user ids or using a false identity.

Q: Select the wrong statement.
A: For web security, verify full URL by clicking the link, but do not give any personal/confidential information
DATA GOVERNANCE AND CYBER SECURITY MODULE 1

Q: Data Governance Organisation involves a multi-tiered combination of business and technology roles which include(s)
A: All of the above

Q: Data Governance Policy is applicable to all the domestic offices of SBI including:
A: All of the above

Q: What is the frequency of the meeting for Data Governance Council-Business Unit/Vertical (DGC-BU/V)?
A: Monthly

Q: Data processes must also put in place ______
A: All of the Above

Q: At the time of account opening, it was found that Educational Qualification was not mentioned by the customer in AOF, but it is a mandatory field in CBS
A: Teller should contact, the customer and get the required details and then fill in CBS

Q: DBAs are NOT part of Data Stakeholders
A: FALSE

Q: Data Governance process includes activities as:
A: All of the above

Q: Data governance processes primarily must focus on __________
A: Business Needs

Q: Data Governance can NOT be achieved by Technology alone.
A: TRUE

Q: Data Governance Council-Business Unit/Vertical is being headed by
A: CGM

Q: Data processes must Include ____________
A: All of the Above

Q: Data Management Officer is accountable for all Data Governance related activities of their respective department
A: FALSE

Q: Data Governance Policy is formulated by which Department:
A: Compliance Department

Q: Which one of the following does NOT come under People factor in Data Management practices?
A: Data Trainers

Q: Data Governance Policy is applicable to third parties having access to SBI network and Data
A: TRUE

Q: Administrative office Data Governance Council (A-DGC), is headed by
A: DGM (B&O)

Q: Where does Data come from?
A: People, Process and Technology

Q: Which among the following plays a major role in support of company-wide Data quality initiatives?
A: People

Q: Data always originates within the organization
A: FALSE

Q: (i) Data Governance is about the rules how to build the content.
(ii) Data Privacy is about the rules how to protect and use the content.
A: Only (ii) is correct

Q: Against availability of a sizeable number of eligible customers, only few confirmed leads could be generated for an Analytics based product. What could be the underlying reason?
A: Poor Data Quality

Q: Incorrect handling of data may result in exposing an organization to significant liabilities.
A: TRUE

Q: Technology Solutions which help in data Governance initiatives include ____
A: All of the Above

Q: Which activities are considered under Data Management?
A: All of the above

Q: What are the main sources for low Data Quality?
A: Manual Data Entry

Q: While creating new CIF, customer has given marital status, but as it is not mandatory in CBS:
A: As the customer has given the details in AOF, teller should fill the same in CBS

Q: What is the frequency of the meeting for Data Governance Council-Business Unit/Vertical (DGC-BU/V)?
A: Quarterly

Q: Process for submission and handling of the Data request is mentioned in
A: Both

Q: _________________is ultimately accountable with regard to the definition, Data quality and value of Data in a given subject area.
A: Data Custodian

Q: Who among the following has a role to ensure that data governance initiatives are aligned with business needs
A: Data Team

Q: Inconsistent Data in Annual Income fields vis a vis customer profile may primarily result in ________
A: Incorrect AML/CFT compliance

Q: What is/are the responsibility(ies) of the Data Governance Council (DGC)
A: All of the above

Q: Data Governance Policy is applicable to
A: All employees of the Bank

Q: Prime objective of Data governance framework is to ensure-
A: All of the above

Q: Data Management Office reports to which of the DMDs
A: DMD & Chief Information Officer

Q: As per the Bank's Data Governance structure, presently which is the Apex body for Data Governance?
A: Apex level Data Governance Council (ADGC)

Q: Which of the following is/are a Key Data Quality Dimension?
A: All of the above

Q: The primary priority of Data Processes must be _____
A: MIS Needs

Q: ________shall ensure that there is commensurate adherence, management and periodic upkeep/review for Data in their respective custodies, as prescribed by Data Governance Policy
A: Data custodians

Q: Which among the following plays a major role in support of company-wide Data quality initiatives?
A: Regulators

Q: Data-driven business decisions are possible when _____ is involved in the Data Governance.
A: Business Unit

Q: ____ is DGO of Circle
A: DGM & CRO

Q: Data processes must Include ____________
A: Definitions of how data will be moved and changed

Q: The word “Data” shall collectively refer to the following descriptions:
A: All of the above

Q: Analytics refers to the process of using Data in order to:
A: All of the above
DATA GOVERNANCE & CYBER SECURITY MODULE -2

Q: Which of the following is true:
A: Data Privacy is about the rules how to protect and use the contents

Q: An SBI Card employee sitting in a branch asks for a list of high value customers along with Mobile numbers for telecalling to sell SBI cards for the Branch. Branch may share the list with SBI Card employee.
A: FALSE

Q: What is needed to create Data Quality Index?
A: Data quality rule and profiling results.

Q: Capturing of incorrect security in secured loan accounts may result in _____________.
A: Both 1 & 2

Q: While verifying the pop-up name of PAN holder in CIF creation screen
A: 1 & 3

Q: As per Data Protection Bill (Draft) PII stands for
A: Personally Identifiable Information

Q: To boost the housing loan business of the branch, list of HNIs can be shared with HLCs through:
A: Not to be shared

Q: India is coming with its own Bill on Data Protection which is called ___
A: Personal Data Protection Bill

Q: Project Ganga Dashboard includes divergences related to:
A: Both DQ & KRI

Q: Branch has sanctioned a Car loan to one of its staff, but the loan instalment was not fed in HRMS. The staff paid the instalment through his account and informed the BM that a SI has been registered for the same.
A: Recovery to staff loan should be through HRMS only, so recovery details in HRMS needs to be updated

Q: What are the impacts of feeding incorrect date of birth of a customer in CBS
A: 1& 2

Q: If a car dealer asks us for a list of customers having existing car loans, to market loans for new cars for us, shall we share the list?
A: Cannot be shared

Q: DQI Index has been included as one of the Key Responsibility Areas (KRAs) in Career Development System (CDS)
A: TRUE

Q: Data quality is necessary to fulfil the needs of an organization in terms of
A: All of the above

Q: As per the Bank's approved “SOP on Data Sharing with External Agencies/ Third Parties” which of the following is to be considered as “Third Party”
A: All the above are to be treated as Third Parties

Q: Data Quality Index (DQI) dashboard measures the Data Quality for-
A: CIFs & Loans

Q: Updated policies or SOPs on Data Governance can be accessed through?
A: >>SBI Times>>MIS Online >>SOPs>>DMO

Q: For personal communication, we can use our official email IDs
A: FALSE

Q: Restricted access to Data means:
A: Both 1 & 2

Q: While inputting temporary address of a customer in CBS, it should be taken care that
A: "From & To" date in the temporary screen needs to be filled in as declared by the customer

Q: Some of the key Data Privacy initiatives include:
A: All of the above

Q: In the Data Infringement portal, unattended infringements on Data Loss Prevention (DLP) may result in_____
A: Penal Score (1 to 4 marks) in RFIA of the Branch

Q: A staff can be held accountable for Data quality errors.
A: TRUE

Q: As per the Bank's approved “SOP on Data Sharing with External Agencies/ Third Parties” which of the following is NOT to be considered as “Third Party”
A: Internal Auditors

Q: Customer sensitive Granular Data can be copied and stored without any approval
A: FALSE

Q: What are the two important pillars of the SOP on ‘Customer Sensitive Granular Data Sharing and Access – Within Bank's Environment’:
A: Regulated & Limited access

Q: What are the different categories of Data Classification
A: SENSITIVE, CONFIDENTIAL, INTERNAL, PUBLIC

Q: “Customer PII Data” is classified as ____________ Data
A: CONFIDENTIAL

Q: Impact of poor Data Quality on a Branch includes ____
A: Both 1 & 2 above

Q: Which of the following is not one of the functions of an effective Data Loss Prevention (DLP) program
A: Follow-up with Data users for Data Quality enhancement

Q: In an Account Opening Form, if Data has been provided by the customer in a non-mandatory field (like mobile number/email ID), what should be done while inputting in CBS?
A: Input the Data exactly as given by the customer

Q: Sharing of customer sensitive granular Data is governed by which Policy:
A: Data Governance Policy

Q: Scope of Customer Sensitive Granular Data Sharing & Access Framework covers:
A: All of the above

Q: For official purpose, if we are required to share customer sensitive data, then we should:
A: Delete the data after use

Q: Which one is NOT an approved way of sharing granular Data/access Data under normal circumstances:
A: E-mail

Q: Salient features of Project Ganga include:
A: Customer One view

Q: What are the impacts of not verifying the pop-up name of PAN holder, while fetching PAN details
A: 1& 2

Q: Incorrect spelling of Customer name comes under which one of the following Data Quality Dimensions?
A: Accuracy

Q: Can we store customer data on our Desktop?
A: NO

Q: Objectives of Data Quality are:
i. Accuracy, validity
ii. timeliness, completeness
iii. uniqueness, consistency
A: All of the above

Q: A customer has submitted Voter Card as OVD, along with AOF. During the scrutiny, it was found that the age of the customer is less than 18
A: DOB on OVD and AOF, if same, then only account may be opened

Q: Capturing of incorrect CRA rating / ECR in a loan account may result in _____
A: Both 1 & 2

Q: Error categories in DQI for CIF related errors are:
A. Risk categorization
B. Personal Profile
C. PAN Related
D. Gender Related
E. Age Related
A: All of the Above

Q: Capturing of incorrect interest rate in loan accounts may result in ____________
A: All of the above

Q: Non capturing of PAN in CIF, even if furnished in the AOF, may result in ___
A: Both 1 & 2

Q: The access to Customer Sensitive Granular Data to the users should be made strictly on the basis of-
A: Both 1 & 2

Q: Which of the following is not a type of Data leak
A: Improper categorization of sensitive Data

Q: “SBI telephone directory” is classified as ____________ Data
A: INTERNAL

Q: What are the possible means by which Customer Sensitive Granular Data can get divulged or leaked to any unrelated person / third party like vendors, dealers etc:
A: All of the above
DATA GOVERNANCE & CYBER SECURITY MODULE 3

Q: Which one of the following risks is not considered while evaluating a third party vendor for risk assessment?
A: Market Risk

Q: _____________is used for obtaining unauthorized access to mobile phones via Bluetooth connection. Once such a connection is established then the attacker will be able to steal photos, messages and contacts etc.
A: Bluesnarfing

Q: Which one of the following statements is false?
A: Bulk SMS is sending SMS from mobile to many people.

Q: Non-repudiation is carried out through the services of authentication, authorization, confidentiality, and integrity. Confidentiality ensures which one of the following?
A: Secure encryption of the information

Q: Which one of the following is the leading illicit dark web marketplace which was taken down by the FBI in what was considered then as a significant action on the Dark web market?
A: Silk Road 2.0

Q: Which one of the following best describes a Man in the Middle (MITM) attack?
A: An attack used to monitor and potentially modify communications between two users

Q: Which of the following principles of the first of the CIA Triad Confidentiality is/are Correct?
A: a, c and d

Q: Which of the following attacks is not categorised under Exploit based attacks?
A: Email hijacking

Q: Which of the following is not a stage in SIM swapping?
A: All the options above are stages of SIM Swapping

Q: What is the full form of MITB Attack?
A: Man in the Browser

Q: If you click on the padlock sign in the Address bar, which of the following information will be available to you?
A: You will get information on who owns the site and who has verified the site

Q: What is a “Collect Request” in a UPI transaction?
A: It is a feature available in BHIM SBI Pay

Q: Which one of the following is NOT a type of MITM attack?
A: DNS Spoofing

Q: Which one of the following statements is more appropriate in terms of Vendor risk assessment?
A: Continuous assessment of Vendor security practices need to be done throughout the Contract life cycle.

Q: Cyber-attacks that originate through a third party vendor are also called ________?
A: Supply chain attacks

Q: How does the use of Virtual keyboard protect the customer?
A: It protects against Keylogger malware

Q: Which one of the following statements is FALSE about APT attacks?
A: APT attacks may be identified immediately as it shuts down the whole system

Q: _______ malware is a warning-like popup or reminder in a Laptop/PC/Mobile?
A: Scareware

Q: Which of the following may not be the signs that the Mobile Phone (Android/iOS) is hacked?
A: All statements are signs that the Mobile phone is hacked

Q: What makes SolarWinds attack an unusual hack?
A: The hackers through one malicious code in SolarWinds Orion software gained access to thousands of other companies.

Q: Even if a user compromises his/her login credentials of OnlineSBI, no one can login using this credential. What is the new security feature in OnlineSBI?
A: OTP has been made mandatory at the time of login

Q: Which of the following options is not to protect yourself from keyloggers?
A: Antivirus companies keep their records of the most common malware keyloggers and will flag them as dangerous.

Q: Social Engineering Attacks do not include _____________
A: Denial of Service attack

Q: What is not true about myths associated with Cyber Risk?
A: Compliance and security are the same

Q: Which of the following best describes the Supply chain attack?
A: Supply chain attack occurs when hackers infiltrates systems through an outside partner or provider who has access to the target systems and data

Q: What is a Denial of Service Attack?
A: It is a malicious attempt to disrupt the normal traffic of a targeted server, service or network with a flood of Internet traffic from multiple computers at the same time

Q: While doing an ATM transaction, a customer is required to use a physical card provided to him by the Bank and also a PIN code to authenticate the transaction. This practice ensures which of the following triad of Information Security?
A: Confidentiality

Q: Which of the following principles of the second of CIA Triad Integrity is/are Correct?
A: Use of a secure Hashing algorithm for the information ensures Integrity.

Q: What is a Denial of Service Attack?
A: It is an attack meant to shut down a machine or network, making it inaccessible to its intended users

Q: Which one of the following is a precaution to be taken while operating the ATM?
A: Check if any extra suspicious device is attached to the ATM machine.

Q: Select the correct statement about the impact of Cyber Risks.
A: All are true

Q: Which of the following principles of the first of the CIA Triad Confidentiality is/are Correct?
A: a, b and d

Q: What is not true about SIM Swapping?
A: Fraudsters get access to the root of the mobile phone through SIM Swapping

Q: With the enhanced sharing of information over a global network for almost all life functions, which one of the following
A: Non-repudiation

Q: What is not true about myths associated with Cyber Risk?
A: IT team is alone not responsible for Cyber Security

Q: The technique for sending SMS that appears to be initiated from the organization for KYC updation, Account credit, Account
A: Spoofing

Q: The technique used to send the emails to all the employees of the Bank is known as ____________.
A: Spear Phishing

Q: What makes SolarWinds attack an unusual hack?
A: The hackers through one malicious code in the application of SolarWinds vendor’s application gained access to Orion software

Q: Your friend fears that he has shared the user credentials of OnlineSBI with a stranger. It is a Sunday and the Bank is closed.
A: Change the password

Q: Which one of the following is NOT a type of MITM attack?
A: Logic Bomb

Q: Which of the following principles of the second of CIA Triad Integrity is/are Correct?
A: a, c and d

Q: Which of the following browsers allows access to the Network which is popular for implementing encrypted routing
A: Tor

Q: The fraudster gets the personal details of the people through _______technique.
A: Social engineering

Q: Which of the following is not an example of data?
A: All are examples of data

Q: Which one is not an option for disabling UPI services?
A: YONO Main Screen UPI Enable/Disable UPI

Q: Ajit is doing a merchant transaction to pay the mobile bill. He selects net banking of SBI for making online payment. He
A: It should start with https://www.onlinesbi.com

Q: If you want to change the username and password for your SBI Internet banking, which of the following statements is
A: You cannot change the Username but he/she can change the password at any time

Q: A Cyber-Attack
A: option a & b

Q: SBI internet banking site provides a facility to bypass such keylogger malware. Identify the feature.
A: Online Virtual Keyboard
You might also like