now, the next couple of slides were gonna dress is all right. Our account's been created fabulous. Once I'm a user that has, ah, legitimate account on the domain. Now I'm gonna access. Resource is right. I want to access a printer, own access a file. I want to
perform rites, whatever those may be.
So as I log on to the domain, which is really my starting point in most environments, the first thing I'm gonna be asked to do is to identify. And if you'll remember from earlier, we never leave off with just identification because identities can be spoofed and identities are spoofed all the talk, right?
you know who wants to create this account, anybody that claims to be admin could do it. That doesn't give us security.
So when we talk about identification, the following step immediately should go right into thinking about how we're gonna prove that. And that's gonna be authenticity.
one little thing, and this should just be standard in today's environment. But I want to point out this third bullet point
Identification must be unique for accountability. And this is kind of from a testing standpoint, just something I want. Oh, make clear. So you know, there might be something to the effect of the most important element for accountability,
you know, and I'm not saying that's a test question, but I could kind of see that link. And at first you're kind of thinking, What are they talking about?
And the idea is, if you don't have individual unique ID's, let's just Sam in an office with 10 people and we all know again as work
right office employees,
Well, how in the world world I have accountability if we're all using the same account
right to me, that's a little bit of a dated idea, because hopefully everybody has unique accounts, but we never assume anything.
Identification Making a claim Today it's most frequently user I d, however,
account numbers, or if I d so if you're going through the easy pass, you know out on the road it's an or if I D that identifies you, and if there's no sort of authenticity following that up, that's where we saw a big problems with these devices being spoofed.
Now, most of the toll booth follow up with taking a picture of the driver's license and matching that driver's license
to the actual R F I D. So that provides an additional protection against spoofing
I Pierre Mac address and you'll hear people always say how easy it is to spoof an I P. How easy it is to spoof the Mac address. It's easy to spoof any identification,
right? That's why we follow up with authentication, which comes next.