Microsoft Certified: Azure Fundamentals (AZ-900) 2025 – 400 Free Practice Questions to Pass the Exam

The correct answer is GDPR, which stands for the General Data Protection Regulation. This regulation was enacted by the European Union (EU) and is enforced by government agencies in the EU member states. It establishes guidelines for the collection and processing of personal information, ensuring that individuals have greater control over their personal data. The enforcement of GDPR includes significant penalties for organizations that fail to comply with its mandates, ultimately protecting the privacy rights of individuals and holding companies accountable for their data practices.

ISO refers to the International Organization for Standardization, which develops and publishes international standards. However, these standards are not enforced by government agencies but are voluntary guidelines that organizations may adopt.

NIST stands for the National Institute of Standards and Technology, which provides standards and guidelines, particularly for information security within the United States. While NIST is influential and widely followed, its standards do not have the force of law as enforced regulations like GDPR.

DHL is a logistics and shipping company, not a regulatory framework or standard. It does not relate to data protection or create legal requirements enforced by government agencies.

Therefore, GDPR is the correct choice as it is a legally binding regulatory framework with enforcement by governmental entities.