From the course: Cert Prep: ISC2 Certified in Cybersecurity (CC)

Authentication and authorization

- As IT professionals, one of the most important things that we do is ensure that only authorized individuals gain access to the information, systems and networks that are under our protection. The access control process consists of three steps that you must understand. These steps are identification, authentication and authorization. During the first step of the process, identification, an individual makes a claim about their identity. Now, the person trying to gain access doesn't present any proof at this point. They simply make an assertion. It's important to remember that the identification step is only a claim and the user could be making a false claim. Now imagine a physical world scenario where you want to enter a secure office building where you have an appointment. During the identification step of the process, you might just walk up to the security desk and say, "Hi! I'm Mike chapel." Proof comes into play…
