Step 1: Read what the question is really asking.
The Information Technology Act, 2000 deals with two kinds of wrongs when someone misuses a computer. One kind only asks the wrongdoer to pay money (civil), and the other kind sends the wrongdoer to court for punishment (criminal). The question wants the situation that makes it a crime.
Step 2: Learn the simple difference.
Civil liability is about the harm caused. If someone touches your computer without permission and damage happens, you can ask for compensation under Section 43. That is just paying money for the loss.
Step 3: Understand what turns it into a crime.
A crime needs a guilty mind, which lawyers call mens rea. Chapter XI of the Act lists the real offences. For example, Section 66 (hacking), Section 66C (identity theft) and Section 66D (cheating by computer) all need the act to be done dishonestly or fraudulently. That bad intention is the key.
Step 4: Check the wrong options one by one.
A money limit (option 1) is not what decides between civil and criminal here. The victim simply choosing to file a case (option 3) cannot by itself create a crime. Access without permission no matter the intent (option 4) is the civil side under Section 43, not a crime, because there is no guilty mind.
Step 5: Pick the option with the guilty mind.
Only one option adds dishonesty or fraud to the unauthorised access. That extra bad intention is exactly what the criminal sections demand, so that is the situation which attracts criminal punishment.
Step 6: State the answer.
So criminal liability arises when the act is dishonest or fraudulent on top of unauthorised access. \[ \boxed{\text{When the act is done dishonestly or fraudulently in addition to unauthorised access}} \]