RAS question
CERT-In's 2022 directive mandated organizations to report cybersecurity incidents within:
Correct answer: (A) 6 hours.
CERT-In's Cyber Security Directions of 28 April 2022 require covered organisations to report a cybersecurity incident within 6 hours of noticing it or being told about it.
Explanation
The answer is 6 hours because CERT-In's FAQ on the Cyber Security Directions of 28 April 2022 says that a cyber incident must be reported to CERT-In within 6 hours of the organisation noticing the incident or being brought to notice about it. The same official FAQ places this requirement within a wider compliance framework for service providers, intermediaries, data centres, body corporates and government organisations, covering incident reporting, ICT-system logs, subscriber or customer information, and KYC records for data centres, VPS providers, cloud services, VPN service providers and virtual-asset service providers. Logs also had to be maintained for 5 years.
Why the other options are wrong
- (B) 72 hours is too late because the CERT-In FAQ fixes the reporting clock at 6 hours from noticing the incident or being informed about it.
- (C) 1 week is not compatible with the 2022 CERT-In direction, which treated cyber-incident reporting as a near-immediate 6-hour obligation.
- (D) 24 hours overstates the permitted delay; the official FAQ specifies a 6-hour reporting window, not a one-day window.
Concept
This tests cyber security governance under Science and Technology, especially statutory incident-reporting duties under CERT-In. RAS repeats such questions because digital governance rules connect current affairs, internal security and administrative compliance.
