Use VCE Exam Simulator to open VCE files
CIPP-US IAPP Practice Test Questions and Exam Dumps
Question 1:
What types of jurisdiction must a court possess to be able to hear and decide a specific legal case?
A. Subject matter jurisdiction and regulatory jurisdiction
B. Subject matter jurisdiction and professional jurisdiction
C. Personal jurisdiction and subject matter jurisdiction
D. Personal jurisdiction and professional jurisdiction
Answer: C
Explanation:
For a court to lawfully hear and decide a legal case, it must have both personal jurisdiction and subject matter jurisdiction. These two types of jurisdiction define a court’s authority over the people involved in the case and over the legal issues at stake. Without either one, any decision made by the court would be considered invalid and subject to challenge.
Subject matter jurisdiction refers to the court’s legal authority to hear a particular type of case. Different courts have different subject matter jurisdictions based on the nature of the case. For example, federal courts in the United States have subject matter jurisdiction over cases involving federal laws, constitutional questions, or disputes between citizens of different states when the amount in controversy exceeds a certain threshold. State courts typically have subject matter jurisdiction over matters governed by state laws. If a court lacks subject matter jurisdiction, it cannot hear the case at all, regardless of where the parties are located or who they are.
Personal jurisdiction refers to a court’s authority over the parties involved in the lawsuit. For a court to exercise personal jurisdiction, the defendant must have sufficient minimum contacts with the jurisdiction where the court is located. This concept is rooted in the idea of fairness and due process. A person or entity cannot be brought into court in a particular state unless they have purposefully availed themselves of the benefits and obligations of operating or acting in that state. For example, if a company sells products in a certain state, it may be subject to personal jurisdiction there.
Looking at the options:
Option A is incorrect because "regulatory jurisdiction" is not a formal category of jurisdiction recognized by courts. Regulatory jurisdiction may be a concept used in administrative or regulatory law, but it is not what courts require to hear a case.
Option B is also incorrect because "professional jurisdiction" is not a recognized legal requirement for court proceedings. This term might relate to licensing boards or disciplinary bodies, but not to the general authority of courts.
Option D suffers from the same flaw as option B. "Professional jurisdiction" is not a relevant legal category for court authority over a case.
Only option C correctly combines the two necessary forms of jurisdiction—personal and subject matter. A court must be authorized to hear the kind of dispute involved (subject matter jurisdiction) and must have authority over the parties (personal jurisdiction). This dual requirement ensures that the court is both properly empowered and that its actions are fair to the individuals involved. Without either, the case cannot proceed in that court.
Question 2:
Which organization is responsible for overseeing and enforcing regulations that govern online advertising directed at children?
A. The Office for Civil Rights
B. The Federal Trade Commission
C. The Federal Communications Commission
D. The Department of Homeland Security
Correct answer: B
Explanation:
The agency tasked with supervising and enforcing laws related to advertising to children over the internet is the Federal Trade Commission (FTC). The FTC is a federal agency whose primary mission is to protect consumers and ensure a strong competitive market by enforcing a variety of consumer protection and antitrust laws. When it comes to protecting children online, especially from deceptive or harmful advertising practices, the FTC plays a crucial role.
One of the most relevant pieces of legislation in this context is the Children’s Online Privacy Protection Act (COPPA), which was enacted in 1998 and enforced by the FTC. COPPA was designed to give parents control over what information is collected from their children online. The law applies to websites and online services (including apps) that are directed to children under 13 years of age or that knowingly collect personal information from children under 13.
The FTC ensures that companies comply with COPPA by regulating how they collect, use, and disclose children's personal information. More importantly, COPPA restricts the use of this data for behavioral advertising—advertising that targets children based on their online behavior, preferences, and habits. This law essentially places boundaries on how children can be targeted through online advertising and what kind of data can be used to serve those ads.
Beyond COPPA, the FTC also takes enforcement action when it finds that advertising aimed at children is deceptive or unfair, two key standards under Section 5 of the Federal Trade Commission Act. For example, if an online ad misleads children about the nature of a product or encourages them to make in-app purchases without proper disclosure, the FTC has the authority to step in and impose penalties or require corrective action.
Now let’s briefly explain why the other options are incorrect:
A. The Office for Civil Rights (OCR): This agency is part of the U.S. Department of Health and Human Services and focuses primarily on ensuring non-discrimination and protecting civil rights in health care and education settings. It does not regulate online advertising practices.
C. The Federal Communications Commission (FCC): While the FCC regulates communications via radio, television, wire, satellite, and cable, it does not oversee online advertising content specifically. The FCC is more involved in content broadcasting standards, not internet-based marketing practices.
D. The Department of Homeland Security (DHS): This agency is responsible for public security, dealing with terrorism, border security, and cyber threats—but it does not regulate commercial advertising or children’s online privacy.
Therefore, based on both legislative authority and historical enforcement practices, the Federal Trade Commission is the correct authority responsible for supervising and enforcing laws that pertain to internet advertising aimed at children.
Question 3:
Under Section 5 of the FTC Act, what does self-regulation primarily allow a company to do?
A. Determine which bodies will be involved in adjudication
B. Decide if any enforcement actions are justified
C. Adhere to its industry’s code of conduct
D. Appeal decisions made against it
Answer: C
Explanation:
Section 5 of the Federal Trade Commission (FTC) Act prohibits “unfair or deceptive acts or practices in or affecting commerce.” While this is a government-enforced law, it also recognizes the importance and practicality of self-regulation in certain commercial contexts. Self-regulation refers to the practice whereby industries or individual companies create and follow their own codes of conduct, ethical guidelines, or best practices, often through trade associations or professional organizations.
Option A states that companies can determine which bodies will be involved in adjudication. This is incorrect because adjudication—meaning formal judgment in a dispute—is typically handled by independent courts or government agencies like the FTC. A company does not have the authority under Section 5 to determine which adjudicatory bodies will be used. Legal jurisdiction and enforcement mechanisms are governed by established laws and procedures, not by the discretion of the regulated company.
Option B claims that companies may decide whether enforcement actions are justified. This is also incorrect. Enforcement actions under the FTC Act are initiated by the FTC itself, not the companies being investigated or regulated. Companies may defend themselves or present arguments against such actions, but they do not have the authority to decide whether enforcement is warranted. That role lies entirely with the FTC or the judicial system.
Option C is correct. One of the clearest expressions of self-regulation is a company choosing to adhere to an industry’s code of conduct. This means the company voluntarily agrees to follow rules or standards established by a professional body or trade group. These codes often go beyond what is legally required and reflect shared values or best practices in areas such as advertising, privacy, or fair competition. While adherence is voluntary, a company that claims to follow such a code and then fails to do so may be found in violation of Section 5 for engaging in deceptive practices. This creates a link between self-regulation and enforceable legal standards.
Option D states that companies have the right to appeal decisions made against them. While due process allows for appeals in the judicial system, this is a legal right provided by administrative law, not a defining feature of self-regulation. Therefore, this option does not accurately reflect what self-regulation primarily entails under the FTC Act.
In conclusion, the essence of self-regulation under Section 5 of the FTC Act lies in a company’s voluntary compliance with ethical or professional standards such as an industry code of conduct. This helps foster trust, minimize legal risks, and demonstrate accountability to regulators and the public, making option C the most accurate answer.
Question 4:
Which of the following was NOT identified as one of the five key priority areas in the Federal Trade Commission’s 2012 report titled “Protecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers”?
A. International data transfers
B. Large platform providers
C. Promoting enforceable self-regulatory codes
D. Do Not Track
Correct answer: A
Explanation:
In its 2012 final report titled “Protecting Consumer Privacy in an Era of Rapid Change,” the Federal Trade Commission (FTC) laid out a series of recommendations aimed at enhancing privacy protections for consumers in the rapidly evolving digital landscape. The report built upon the FTC’s 2010 preliminary framework and reflected feedback from public comments and stakeholder discussions.
The FTC’s final report emphasized five priority areas that it believed required particular attention due to their growing significance in the digital ecosystem and their potential impact on consumer privacy. These five priority areas were:
Do Not Track – The FTC strongly advocated for the development and implementation of a universal and effective Do Not Track mechanism that would allow consumers to opt out of online behavioral tracking. This initiative aimed to give users more control over how their personal browsing data was being collected and used by advertisers and data brokers.
Mobile – The report highlighted concerns about privacy in the mobile environment, which was experiencing rapid growth at the time. The FTC pushed for greater transparency and improved privacy disclosures in mobile apps and mobile advertising, including simplified privacy notices and easier user access to settings.
Data Brokers – The FTC recommended greater transparency and accountability for data brokers—companies that collect and trade vast amounts of consumer data, often without consumers' knowledge or consent. The report called for these entities to provide consumers with better access to their data and more control over its use.
Large Platform Providers – The FTC expressed concern about companies that serve as large portals or platforms, such as internet service providers or major social networks, because they have access to large volumes of detailed consumer information. The report stressed the need for these entities to be held to high standards of privacy protection due to the scope of data they handle.
Promoting Enforceable Self-Regulatory Codes – The FTC recommended that industry groups and stakeholders develop self-regulatory codes of conduct that are enforceable and meaningful. The report encouraged companies to take initiative and build privacy protection into their business models, with oversight from the FTC to ensure compliance and effectiveness.
Now, let’s consider why option A (International data transfers) is not one of these five priority areas. While international data transfers are certainly an important aspect of global privacy discussions and were mentioned in broader policy contexts, they were not explicitly identified as one of the five specific priority areas in the 2012 FTC report. The FTC's report focused primarily on domestic consumer privacy risks and solutions within the United States regulatory and commercial framework.
In contrast, discussions on international data transfers—such as cross-border data flows, the role of safe harbor frameworks (later replaced by Privacy Shield and then standard contractual clauses), and issues involving the European Union’s data protection rules—have typically been handled separately through regulatory negotiations and trade discussions, rather than being highlighted as a central concern in the FTC’s 2012 privacy report.
To summarize, although international data transfers are a significant privacy issue in general, they were not singled out by the FTC in 2012 as one of its five core priority areas for privacy reform.
Therefore, the correct answer is A.
Question 5:
The “Consumer Privacy Bill of Rights” introduced in the 2012 report by the Obama administration is primarily derived from which foundational framework?
A. The 1974 Privacy Act
B. Common law principles
C. European Union Directive
D. Traditional fair information practices
Answer: D
Explanation:
The “Consumer Privacy Bill of Rights,” introduced in 2012 by the Obama administration as part of the White House’s framework for protecting privacy in the digital age, is fundamentally rooted in the concept of fair information practices (FIPs). These practices have historically guided the development of privacy laws and policies in the United States and around the world. The document aimed to address growing concerns over how personal data is collected, used, and shared in an increasingly digital and connected economy.
The fair information practices date back to the early 1970s and were first outlined in a 1973 U.S. Department of Health, Education, and Welfare report. These principles were later adopted and expanded upon by the Organization for Economic Cooperation and Development (OECD) in its 1980 Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. The core FIPs include principles such as notice, choice, access, accuracy, data minimization, security, and accountability. These concepts have formed the backbone of U.S. and international privacy frameworks for decades.
The Consumer Privacy Bill of Rights includes seven major principles, which closely mirror traditional FIPs:
Individual Control – the right of individuals to control the personal data companies collect from them.
Transparency – the right to easily understandable information about privacy and security practices.
Respect for Context – data should be used in ways consistent with the context in which it was provided.
Security – companies should secure personal data against unauthorized access and use.
Access and Accuracy – individuals should have access to their personal data and the ability to correct inaccuracies.
Focused Collection – companies should collect only the data necessary for specific purposes.
Accountability – companies should be accountable for adhering to these principles.
Option A refers to the 1974 Privacy Act, which applies to how U.S. federal agencies handle personal data. While it was a milestone in government privacy regulation, it does not serve as the direct basis for the Consumer Privacy Bill of Rights, which focuses more on private sector data handling.
Option B refers to common law principles, which may influence general notions of privacy (such as intrusion upon seclusion or breach of confidence), but they are not the structured foundation for this document.
Option C refers to the European Union Directive 95/46/EC, which influenced global privacy thinking and later became the basis for the GDPR. Although it shares similarities with FIPs, the Consumer Privacy Bill of Rights was not directly based on the EU Directive but on longstanding U.S. information policy norms.
Therefore, the most accurate and appropriate answer is that the Consumer Privacy Bill of Rights is based on traditional fair information practices, making D the correct choice.
Question 6:
What is the name of the legal document, approved by a judge, that formalizes a settlement agreement between a government agency and a party it has taken action against?
A. A consent decree
B. Stare decisis decree
C. A judgment rider
D. Common law judgment
Correct answer: A
Explanation:
A consent decree is a legally binding agreement that resolves a dispute between two parties—typically a government regulatory agency and an adverse party (often a company or organization)—without the need for a trial. It is approved and entered by a judge, thereby making it enforceable by the court. Consent decrees are commonly used in regulatory, antitrust, environmental, and civil rights cases where a government entity seeks to bring about change in behavior or business practices, but both parties agree to a settlement rather than engaging in prolonged litigation.
In essence, a consent decree serves two key purposes: (1) it functions as a settlement agreement, and (2) it carries the force of a judicial order. Once approved by a court, failure to comply with the terms of a consent decree can result in legal penalties, including contempt of court charges. This makes it a powerful enforcement mechanism for government agencies like the Federal Trade Commission (FTC), Department of Justice (DOJ), Environmental Protection Agency (EPA), and others.
Consent decrees are often used in FTC cases involving privacy violations, deceptive marketing practices, or anticompetitive behavior. For example, when the FTC determines that a company has violated consumer protection laws—such as mishandling personal data or misleading consumers—it may negotiate a consent decree with the company. The decree may include specific requirements such as modifying business practices, submitting to regular audits, or paying financial penalties.
Here’s why the other options are incorrect:
B. Stare decisis decree: This term incorrectly combines the legal principle of stare decisis with the concept of a decree. Stare decisis is a doctrine that courts use to follow precedent—meaning they are guided by previous decisions in similar cases. It is not a type of legal document or settlement.
C. A judgment rider: This is not a recognized legal term in U.S. law. While "rider" can refer to an additional provision or amendment attached to a document (such as legislation or insurance), it is not a formal mechanism for resolving disputes or entering into court-approved agreements.
D. Common law judgment: While a judgment can arise from a common law case, this term refers generally to a court’s final ruling in a legal dispute based on judicial precedent. It does not describe a negotiated or agreed-upon settlement between parties, especially one involving regulatory enforcement.
To summarize, a consent decree allows a government agency and a defendant to resolve a dispute efficiently, often including specific obligations for future behavior. Because the court endorses the agreement, it gains the legal weight of a judicial order. This makes it a favored tool in regulatory enforcement, particularly when swift compliance is needed without the delay and expense of trial proceedings.
Thus, the correct answer is A.
Question 7:
Based on the following notice, what type of legal consent mechanism is not provided?
“Our website uses cookies. Cookies allow us to identify the computer or device you’re using to access the site, but they don’t identify you personally. For instructions on setting your Web browser to refuse cookies, click here.”
A. Mandatory
B. Implied consent
C. Opt-in
D. Opt-out
Answer: C
Explanation:
To understand the correct answer, it's important to examine how different types of consent work in the context of data privacy, especially regarding the use of cookies. The notice provided informs users that cookies are in use, describes their function in general terms, and offers a way to opt out by adjusting browser settings. This gives us clues about which type of consent is being used — and which is not.
Let’s break down the types of consent one by one.
Implied consent occurs when a user is informed about data practices and continues to use the service without taking any action to change or block those practices. In this notice, the site tells users that cookies are being used and gives them an option to disable cookies through their browser. If the user continues using the site without changing cookie settings, their consent is implied. So, implied consent is provided.
Opt-out consent means that data collection occurs by default, but users are given a way to refuse or block it after the fact. The statement, “For instructions on setting your Web browser to refuse cookies, click here,” provides an opt-out mechanism. It allows the user to take action if they don’t want to be tracked via cookies. Therefore, opt-out consent is also provided.
Mandatory consent refers to situations where consent is not optional. In such cases, if the user does not agree to the practice (e.g., cookie use), they cannot use the service. There is no indication in the notice that using cookies is a condition for accessing the website or that refusal will block access. Since cookie use is not presented as a requirement, mandatory consent is not applicable here.
Opt-in consent means the user must actively agree before any data collection or tracking occurs. This would typically require a banner or checkbox where users click “I agree” before cookies are enabled. The notice does not include any such requirement for affirmative action before cookie use begins. Therefore, opt-in consent is not provided in the notice.
Since the question specifically asks which type of legal choice is not provided, and given that the notice only describes cookies in use and offers the ability to block them through browser settings, it aligns with implied and opt-out models, but does not include an opt-in mechanism.
Thus, the correct answer is C.
Question 8:
Why would Cheryl benefit most from following Janice’s recommendation to classify customer information into different levels of sensitivity?
A. It will help employees stay better organized
B. It will help the company meet a federal mandate
C. It will increase the security of customers’ personal information (PI)
D. It will prevent the company from collecting too much personal information (PI)
Correct answer: C
Explanation:
The main reason Janice, the privacy professional, recommends classifying customer data by sensitivity levels is to increase the security and protection of personal information (PI). This approach is a foundational principle in privacy management and aligns with widely accepted privacy frameworks such as the Fair Information Practice Principles (FIPPs) and data protection laws like the General Data Protection Regulation (GDPR) and others that emphasize the importance of proportional safeguards based on risk.
Classifying data by sensitivity allows a company to treat information with a level of protection that is appropriate to its potential impact if misused or breached. For example, highly sensitive information such as health data, payment information, or identifiable details might require strong encryption, limited access, or stricter handling policies, while less sensitive data—such as general service preferences—may be handled with fewer restrictions. By doing this, a company doesn’t waste resources overprotecting trivial data, nor does it leave critical data vulnerable due to a "one-size-fits-all" approach, which Cheryl currently favors.
Cheryl’s current desire for a single, universally accessible data system may seem efficient on the surface, but it increases risk exposure. If every employee can access all customer information—regardless of its sensitivity—then even temporary or junior staff might access private fitness histories, medical limitations, or other highly personal information. If there’s a data breach or unauthorized use, the consequences would be more severe. Janice’s recommendation directly addresses this by encouraging data minimization and access control, helping Fitness Coach, Inc. better protect client trust and avoid potential legal liabilities.
Let’s briefly evaluate why the other options are not as strong:
A. It will help employees stay better organized: While organization might improve slightly, this is not the core reason for classifying data by sensitivity. Classification is about protection, not just administrative tidiness.
B. It will help the company meet a federal mandate: This may or may not be true depending on jurisdiction. In the U.S., there is no single federal privacy law that mandates data classification for most businesses (excluding specific industries like healthcare under HIPAA). Therefore, this answer is too broad and not universally accurate.
D. It will prevent the company from collecting too much personal information (PI): Data classification does not inherently limit collection. That would be the role of data minimization policies. Classification comes after collection to manage and protect what has been gathered.
By following Janice’s recommendation, Cheryl would be adopting a risk-based approach to data management—focusing resources where the most harm could occur and easing her compliance burden while enhancing trust. This not only improves customer data security but also positions the company to adapt to future legal or industry privacy standards.
Therefore, the most compelling reason for Cheryl to adopt data classification is that it increases the security of customers’ personal information, making the correct answer C.
Question 9:
What is the most likely risk Fitness Coach, Inc. could face if it adopts Janice’s initial draft of the privacy policy as it is currently written?
A. Leaving the company susceptible to violations by setting unrealistic goals
B. Failing to meet the needs of customers who are concerned about privacy
C. Showing a lack of trust in the organization’s privacy practices
D. Not being in standard compliance with applicable laws
Answer: A
Explanation:
The scenario describes a situation where Cheryl, the owner of Fitness Coach, Inc., has hired Janice, a privacy professional, to help draft a formal privacy policy for the company. Janice's draft includes several strong data protection principles such as limiting data retention to one year and requiring written consent before any third-party sharing. While these principles align with good privacy practices, they represent a significant operational shift for the company. Cheryl expresses concerns that these rules could disrupt service quality and internal operations, particularly since some third-party service providers need access to customer information for legitimate business functions.
The question asks for the most likely risk of adopting Janice’s draft as is.
Option A identifies a real and relevant concern: that setting unrealistic goals could make the company vulnerable to privacy violations. If Fitness Coach, Inc. adopts overly rigid data retention limits or absolute restrictions on third-party sharing, it may not be able to meet these standards in practice. For example, if an aerobics instructor needs to know a student’s fitness level but is denied access due to the policy, the company might be tempted to bypass its own rules to maintain service quality. This would not only violate the privacy policy but also expose the company to regulatory scrutiny for non-compliance with its self-imposed obligations. In essence, the company may unintentionally set itself up to fail by committing to practices that are too stringent to be followed consistently.
Option B is incorrect because it assumes the policy would fail to meet the needs of privacy-conscious customers. In fact, Janice’s draft seems designed to enhance customer privacy by limiting data sharing and retention. Customers concerned about privacy would likely welcome these protections, even if they pose challenges for the company.
Option C suggests that adopting the policy would signal a lack of trust in the company’s practices. However, implementing a formal policy is a sign of increased trust and accountability, not the opposite. Cheryl’s concern is about practicality, not about casting doubt on her staff’s ethics or trustworthiness.
Option D suggests the draft policy may lead to non-compliance with laws, but Janice is a privacy professional who likely understands applicable legal requirements. There is no indication that the policy violates the law—rather, the issue is whether the business can realistically meet the policy’s commitments.
Therefore, the primary risk is not legal non-compliance or damaging customer trust, but rather that the company could end up making promises it cannot operationally fulfill. That would leave it susceptible to violations, even unintentionally, thereby undermining both compliance and credibility.
The best choice is A.
Question 10:
What is the primary drawback of Cheryl’s proposed approach of rolling out the new privacy policy gradually across departments and using layered documents to communicate relevant sections?
A. The policy would not be considered valid if not communicated in full.
B. The policy might not be implemented consistently across departments.
C. Employees would not be comfortable with a policy that is put into action over time.
D. Employees might not understand how the documents relate to the policy as a whole.
Correct answer: B
Explanation:
Cheryl’s intention to implement the new privacy policy gradually—rolling it out department by department—and communicating it using layered, department-specific documents stems from her concern about operational disruption and employee adjustment. While this approach may seem reasonable from a managerial standpoint, it introduces a critical issue: the risk of inconsistent implementation of the privacy policy across different parts of the organization.
The correct answer is B because a staggered or segmented rollout increases the likelihood that some departments will interpret, prioritize, or enforce policy provisions differently than others. This inconsistency can result in uneven privacy protection across the company, exposing Fitness Coach, Inc. to both legal liability and reputational damage. Privacy policies must be applied uniformly to ensure that all personal data is handled in accordance with the same principles and standards, regardless of the department handling it.
From a privacy governance perspective, a key element of policy effectiveness is enterprise-wide consistency. When one department is subject to strict data retention or consent rules and another is not yet implementing those same requirements, customer data can be mishandled or compromised. For instance, if the customer service team follows the new one-year data retention rule but the marketing team does not, personal information could be stored and used in violation of company policy and possibly privacy laws.
Let’s examine the other answer choices:
A. The policy would not be considered valid if not communicated in full: This statement is too rigid. While it's best practice to make the entire policy accessible to all employees, it’s not necessarily true that a policy becomes legally invalid if it's not presented in full to each individual immediately. What matters more is that employees receive the relevant information needed for compliance in their role and that the company can demonstrate it made efforts to train and inform all staff appropriately.
C. Employees would not be comfortable with a policy that is put into action over time: Many employees actually appreciate phased rollouts because they allow time for training and adjustment. Gradual implementation can reduce resistance, making this an unlikely main issue.
D. Employees might not understand how the documents relate to the policy as a whole: While this is a possible secondary concern, it is not the primary problem. Layered policies can be effective if clearly designed, with summaries linking to the broader document. The main concern is not confusion, but inconsistent application of privacy standards between departments.
In privacy management, uniform policy application is essential to protecting customer data, maintaining legal compliance, and building customer trust. Even if different departments have unique functions, the overarching rules—such as how long data is retained or when it can be shared—must be applied consistently. Allowing departments to implement rules on separate timelines and with customized summaries risks creating gaps in compliance and weakening the company's overall privacy posture.
For these reasons, the best answer is B.
Top Training Courses
SY0-701
CompTIA Security+
$14.99
AZ-104
Microsoft Azure Administrator
$14.99
200-301
Cisco Certified Network Associate (CCNA)
$14.99
AWS Certified Solutions Architect - Associate SAA-C03
AWS Certified Solutions Architect - Associate SAA-C03
$14.99
AZ-305
Designing Microsoft Azure Infrastructure Solutions
$14.99
PL-300
Microsoft Power BI Data Analyst
$14.99
350-401
Implementing Cisco Enterprise Network Core Technologies (ENCOR)
$14.99
AZ-900
Microsoft Azure Fundamentals
$14.99
CS0-003
CompTIA CySA+ (CS0-003)
$14.99
CISSP
Certified Information Systems Security Professional
$14.99
