Digital Forensics: Cyber Crime and Web Security Applied Scenarios
Published:
Questions
30
Duration
30 min
Faculty-reviewed
0
Updated
20 May 2026
About this mock
FACT Digital Forensics paper applied-scenario drill on cyber crime and web security, calibrated at the medium band where distractors are near-neighbour sister concepts and the student must match each fact pattern to the correct statute or technique. The set distinguishes Section 66, 66B, 66C, 66D, 66E, and 66F of the Information Technology Act 2000 against specific scenarios, separates phishing variants from spear phishing and whaling through tailoring and targeting cues, classifies ransomware families across WannaCry, LockBit, Conti, and the NotPetya wiper from their behavioural signatures, and applies malware taxonomy to operational evidence such as command-and-control beacons and SMB scanning. Web-security questions cover SQL injection sub-types (UNION-based, blind time-based, error-based), the three cross-site scripting variants (stored, reflected, DOM-based) from code snippets, email authentication results under SPF (RFC 7208), DKIM (RFC 6376), and DMARC (RFC 7489), and the same-origin policy, Content Security Policy directives, and TLS handshake reasoning at the transport layer. The cyberstalking and cyberbullying boundary is mapped to Section 354D of the Indian Penal Code 1860 and the carried-forward Section 78 of the Bharatiya Nyaya Sanhita 2023 effective from 1 July 2024.
For FACT aspirants and MSc digital forensics students working through cyber crime and information security modules at the applied level, and useful as a calibration drill before NFSU MSc entrance, GCFA, CHFI, and OSCP-track examinations. Questions emphasise statute mapping to fact patterns, sub-type distinction across malware and web-attack families, and protocol reasoning grounded in the IT Act 2000 with its 2008 amendment and the carried-forward BNS 2023 provisions.
Topics covered:
- IT Act sections 66, 66B, 66C, 66D, 66E, 66F applied to scenarios
- Phishing variants: spear phishing, whaling, vishing, smishing kill chains
- Ransomware families: WannaCry, LockBit, Conti, NotPetya behavioural identification
- Malware taxonomy: Trojan downloader, worm with C2, remote-access Trojan
- Spoofing chain: ARP, DNS, and email spoofing layered together
- SQL injection sub-types: UNION-based, blind time-based, error-based
- Cross-site scripting variants: stored, reflected, DOM-based from snippets
- Email authentication: SPF, DKIM, DMARC result evaluation
- Same-origin policy, CORS, Content Security Policy, TLS handshake reasoning
- Cyberstalking under Section 354D IPC 1860 and Section 78 BNS 2023
Useful for revision and self-testing before the FACT Digital Forensics paper.
Allow 30 minutes.
Sources & references
Questions in this mock are written and verified against the following sources. Citations are recorded per question and shown in the explanation after submission.
- cited in 6 questions
Information Technology Act, 2000
Section 66B, punishment for dishonestly receiving stolen computer resource or communication device
Open source - cited in 5 questions
- cited in 4 questions
Casey, Eoghan
Digital Evidence and Computer Crime, 3rd Edition, Chapter on Social Engineering Primitives
- cited in 3 questions
- cited in 2 questions
Indian Penal Code, 1860 and Bharatiya Nyaya Sanhita, 2023
Section 354D IPC (Stalking) and Section 78 BNS 2023, electronic-monitoring limb
Open source - cited in 1 question
- cited in 1 question
Reserve Bank of India and CERT-In
Joint customer-awareness circulars on smishing and vishing OTP fraud
Open source - cited in 1 question
- cited in 1 question
Mozilla Developer Network
Cross-Origin Resource Sharing (CORS) and the Same-Origin Policy reference
Open source - cited in 1 question
Cisco Press
Layer 2 Security: Dynamic ARP Inspection and DHCP Snooping configuration guide
- cited in 1 question
Stallings, William
Cryptography and Network Security: Principles and Practice, 7th Edition, Chapter on Network Attack Chains
- cited in 1 question
IETF RFC 6376
DomainKeys Identified Mail (DKIM) Signatures, Section 3.6.2.1 (Selector Lookup)
Open source - cited in 1 question
IETF RFC 8446
The Transport Layer Security (TLS) Protocol Version 1.3, Section 4 (Handshake)
Open source - cited in 1 question
IETF RFC 7489
Domain-based Message Authentication, Reporting and Conformance (DMARC), alignment and policy evaluation
Open source - cited in 1 question
How our mocks are built
Questions are written and edited by the ForensicSpot team and cited from peer-reviewed forensic textbooks, official syllabi and primary case law. Each one is verified before publishing. Detailed explanations show after you submit, so the test stays a real test. See a mistake? Tell us.
Common questions
What does the Digital Forensics: Cyber Crime and Web Security Applied Scenarios mock cover?+
FACT Digital Forensics paper applied-scenario drill on cyber crime and web security, calibrated at the medium band where distractors are near-neighbour sister concepts and the student must match each fact pattern to the correct statute or technique. The set distinguishes Section 66, 66B, 66C, 66D, 66E, and 66F of the Information Technology Act 2000 against specific scenarios, separates phishing variants from spear phishing and whaling through tailoring and targeting cues, classifies ransomware f
How many questions and how long is the test?+
30 multiple-choice questions, 30 minutes total. Difficulty: medium. Tier: Premium.
Who is this mock for?+
Forensic science students and aspirants who want timed, exam-style practice with explanations and verified source citations on Digital Forensics, FACT. Useful for postgraduate entrance preparation and for BSc / MSc forensic students testing their recall under time.
Are the questions reviewed?+
Each question carries a verified source citation. Faculty review for individual questions is in progress.
Do I need an account to take this mock?+
Yes, a free ForensicSpot account is required to start a timed attempt — this lets you save progress, see per-question explanations after submission, and track your topic-level performance over time.