In most organizations, access to the computer or the network is granted only after the user has entered a correct username and password. This process consists of 3 steps: identification, authentication and authorization. What is the purpose of the second step, authentication?

A.
In the second step, you make your identity known, which means you are given access to the system.

B.
The authentication step checks the username against a list of users who have access to the system.

C.
The system determines whether access may be granted by determining whether the token used is authentic.

D.
During the authentication step, the system gives you the rights that you need, such as being able to read the data in the system.

Explanation:
Granting access to authorized users involves a number of steps which include identification of the user, authentication of this user and authorizing the user to access an asset. Identification is the first step in the process to granting access. In identification a person presents a token, for example an account number or username. The system then needs to determine whether the token is authentic. To determine the authenticity of, for example, a username, the system checks if the username exists within the system. If the username exists the user is requested to give a password. The systems tests if the password is registered with the given username. If both these tests are valid, a user is authenticated. In this example, authenticating the username is based on its existence in the system and a valid password. From this information it can be derived that a valid user is requesting access. Subsequently the system checks the resources to which access may be granted based on the permissions attached to authenticated user.