- Access Control, Authorization, and Authentication:
  - Access Control: Restricts access to data and systems based on user roles. IT staff apply the rule of least privilege, granting users access only to the resources needed to perform their job.
  - Authorization: Grants permission to users to access specific resources or perform actions. Access control must be in place before authorization is granted.
  - Authentication: Confirms the identity of a user through credentials like passwords or biometrics.
- Access Control Details:
  - Role-Based Access Control (RBAC): Organizes users into groups based on roles within the company (e.g., customer, employee). Each group is assigned specific permissions based on its job function.
  - Users are given the lowest level of access needed to perform their job effectively.
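The RBAC and least-privilege points above, as an added example that is not part of the original notes: users map to roles, roles map to permissions, and an access check is denied unless one of the user's roles explicitly grants the requested (resource, action). The roles, users and resources are constructed for illustration.

```python
"""Role-based access control with deny-by-default authorization.

Added example (not from the original notes). Users are assigned roles,
roles are granted permissions, and every request is denied unless an
assigned role grants that exact (resource, action) pair. All names below
are constructed for illustration.
"""
from __future__ import annotations

from dataclasses import dataclass, field


@dataclass(frozen=True)
class Permission:
    resource: str  # e.g. "orders"
    action: str    # e.g. "read"


@dataclass
class RbacPolicy:
    # role name -> permissions that role grants
    role_permissions: dict[str, set[Permission]] = field(default_factory=dict)
    # user name -> roles assigned to that user
    user_roles: dict[str, set[str]] = field(default_factory=dict)

    def grant(self, role: str, resource: str, action: str) -> None:
        """Grant one permission to a role (creating the role if needed)."""
        self.role_permissions.setdefault(role, set()).add(Permission(resource, action))

    def assign(self, user: str, role: str) -> None:
        """Assign a role to a user; refuses roles that were never defined."""
        if role not in self.role_permissions:
            raise ValueError(f"unknown role: {role}")
        self.user_roles.setdefault(user, set()).add(role)

    def is_authorized(self, user: str, resource: str, action: str) -> bool:
        """Deny by default: True only if some assigned role grants the permission.

        Unknown users have no roles and are therefore denied everything.
        """
        wanted = Permission(resource, action)
        for role in self.user_roles.get(user, set()):
            if wanted in self.role_permissions.get(role, set()):
                return True
        return False


def build_demo_policy() -> RbacPolicy:
    """Constructed policy: each role gets only what its job function needs."""
    policy = RbacPolicy()
    policy.grant("customer", "orders", "read")
    policy.grant("customer", "orders", "create")
    policy.grant("employee", "orders", "read")
    policy.grant("employee", "orders", "update")
    policy.grant("employee", "inventory", "read")
    policy.grant("admin", "users", "manage")
    policy.assign("alice", "customer")
    policy.assign("bob", "employee")
    policy.assign("carol", "employee")
    policy.assign("carol", "admin")  # carol holds two roles; permissions are the union
    return policy


if __name__ == "__main__":
    p = build_demo_policy()
    for who, res, act in [("alice", "orders", "read"), ("alice", "inventory", "read"),
                          ("bob", "orders", "update"), ("bob", "users", "manage"),
                          ("carol", "users", "manage"), ("mallory", "orders", "read")]:
        print(f"{who:8} {act:7} {res:10} -> {'allow' if p.is_authorized(who, res, act) else 'deny'}")
```

The check never consults a "deny list": the absence of a grant is the denial, which is what keeps the policy at least privilege as roles are added over time.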
- Authentication Factors:
  - Something You Know: Username, password, PIN, or answers to security questions.
  - Something You Have: Physical devices like mobile phones, security keys, or badges.
  - Something You Are: Biometric data such as fingerprints, facial recognition, iris, or voice scans.
  - Authentication Methods: Single-factor (SFA), two-factor (2FA), multi-factor (MFA), and single sign-on (SSO). MFA and 2FA are the most secure because they require multiple factors for authentication.
- Digital Accounting:
  - Logs: Audit logs track system events, showing who performed what actions and how the system behaved.
  - Tracking: Websites track a user's device information like operating system, browser version, and time spent on the site.
  - Cookies: Small pieces of data stored by the browser, used to personalize browsing sessions and track user behavior. Cookies can also enforce site rules by banning users who violate conditions.
  - Browsing History: A list of recently visited sites. Attackers may use this to impersonate victims or find useful information.
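The audit-log point above put to work, as an added example that is not part of the original notes: each event records who did what, to which resource, with what outcome and when, as one JSON line. The functions answer the two questions the notes name, "who performed what actions" (a per-user activity summary) and "how the system behaved" (authorization denials and bursts of failed logins inside a short window). All log lines are constructed for illustration.

```python
"""Audit-log analysis over constructed JSON-lines events.

Added example (not from the original notes). Summarizes per-user activity,
lists authorization denials, and flags users with many failed logins in a
short window. Every log line below is constructed for illustration.
"""
from __future__ import annotations

import json
from collections import defaultdict
from datetime import datetime, timedelta

SAMPLE_AUDIT_LOG = """\
{"ts": "2024-05-01T09:00:01Z", "user": "alice", "action": "login", "resource": "portal", "outcome": "success", "src_ip": "203.0.113.10"}
{"ts": "2024-05-01T09:00:05Z", "user": "alice", "action": "read", "resource": "orders/1001", "outcome": "success", "src_ip": "203.0.113.10"}
{"ts": "2024-05-01T09:01:10Z", "user": "bob", "action": "login", "resource": "portal", "outcome": "failure", "src_ip": "198.51.100.7"}
{"ts": "2024-05-01T09:01:14Z", "user": "bob", "action": "login", "resource": "portal", "outcome": "failure", "src_ip": "198.51.100.7"}
{"ts": "2024-05-01T09:01:19Z", "user": "bob", "action": "login", "resource": "portal", "outcome": "failure", "src_ip": "198.51.100.7"}
{"ts": "2024-05-01T09:01:22Z", "user": "bob", "action": "login", "resource": "portal", "outcome": "failure", "src_ip": "198.51.100.7"}
{"ts": "2024-05-01T09:01:25Z", "user": "bob", "action": "login", "resource": "portal", "outcome": "failure", "src_ip": "198.51.100.7"}
{"ts": "2024-05-01T09:05:00Z", "user": "bob", "action": "login", "resource": "portal", "outcome": "success", "src_ip": "198.51.100.7"}
{"ts": "2024-05-01T09:05:30Z", "user": "bob", "action": "update", "resource": "orders/1001", "outcome": "denied", "src_ip": "198.51.100.7"}
{"ts": "2024-05-01T10:00:00Z", "user": "carol", "action": "login", "resource": "portal", "outcome": "failure", "src_ip": "192.0.2.55"}
{"ts": "2024-05-01T11:00:00Z", "user": "carol", "action": "login", "resource": "portal", "outcome": "failure", "src_ip": "192.0.2.55"}
"""


def parse_events(text: str) -> list[dict]:
    """Parse JSON lines into event dicts, converting the timestamp to a datetime."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        raw = json.loads(line)
        # fromisoformat() accepts the "+00:00" form on every supported Python version.
        raw["ts"] = datetime.fromisoformat(raw["ts"].replace("Z", "+00:00"))
        events.append(raw)
    return events


def summarize(events: list[dict]) -> dict[str, dict[str, int]]:
    """Who did what: per user, counts of each "action:outcome" combination."""
    summary: dict[str, dict[str, int]] = defaultdict(lambda: defaultdict(int))
    for e in events:
        summary[e["user"]][f'{e["action"]}:{e["outcome"]}'] += 1
    return {user: dict(counts) for user, counts in summary.items()}


def denied_actions(events: list[dict]) -> list[dict]:
    """Authorization denials: actions the access-control layer refused."""
    return [e for e in events if e["outcome"] == "denied"]


def failed_login_bursts(events: list[dict], threshold: int = 5,
                        window: timedelta = timedelta(minutes=2)) -> dict[str, int]:
    """Users with at least `threshold` failed logins inside any `window` (sliding window)."""
    failures: dict[str, list[datetime]] = defaultdict(list)
    for e in events:
        if e["action"] == "login" and e["outcome"] == "failure":
            failures[e["user"]].append(e["ts"])
    flagged = {}
    for user, times in failures.items():
        times.sort()
        start, best = 0, 0
        for end, t in enumerate(times):
            while t - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[user] = best
    return flagged


if __name__ == "__main__":
    evs = parse_events(SAMPLE_AUDIT_LOG)
    print("activity:", summarize(evs))
    print("denied:", [(e["user"], e["action"], e["resource"]) for e in denied_actions(evs)])
    print("failed-login bursts:", failed_login_bursts(evs))
```

Carol's two failures an hour apart are not flagged while Bob's five within fifteen seconds are; the window, not the raw count, is what separates a forgotten password from a guessing attempt, and the subsequent `denied` update attempt by the same account is the kind of follow-on event an analyst would want to see next to it.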
- Non-Repudiation Methods:
  - Video: Recordings can confirm someone's presence in a location.
  - Biometrics: Fingerprint or iris scans verify that a person accessed a particular system or area.
  - Signature: Digital signatures, when combined with a hardware token, provide authentication that a document was signed by a specific person.
  - Receipt: Digital receipts confirm that a message or transaction was sent between parties.
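The signature and receipt items above, as an added example that is not part of the original notes. Non-repudiation needs a signing key held by exactly one party while anyone can verify with the public key; a shared-secret MAC cannot provide it, because every verifier could have produced the same tag. To keep the block runnable from the standard library, it implements the Lamport hash-based one-time signature rather than RSA or ECDSA/Ed25519, which is what real deployments use (with the private key in a hardware token, as the notes describe). Each Lamport key pair may sign exactly one message. The keys, the document and the receipt are constructed for illustration.

```python
"""Digital signature and signed receipt with a Lamport one-time signature.

Added example (not from the original notes). Implements the Lamport
hash-based one-time signature (SHA-256) to show the non-repudiation
property: only the private-key holder can sign, anyone holding the public
key can verify. Production systems use RSA/ECDSA/Ed25519 with the private
key in a hardware token; this scheme is standard-library only and each key
pair must sign exactly one message. Keys and messages are constructed.
"""
from __future__ import annotations

import hashlib
import hmac
import secrets

BITS = 256  # SHA-256 digest length; one (value0, value1) pair per digest bit


def keygen() -> tuple[list[tuple[bytes, bytes]], list[tuple[bytes, bytes]]]:
    """Private key: 256 random pairs. Public key: the SHA-256 hash of each value."""
    private = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(BITS)]
    public = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in private]
    return private, public


def _digest_bits(message: bytes) -> list[int]:
    """SHA-256 of the message as a list of 256 bits, most significant bit first."""
    digest = hashlib.sha256(message).digest()
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(BITS)]


def sign(private: list[tuple[bytes, bytes]], message: bytes) -> list[bytes]:
    """For each digest bit, reveal the private value selected by that bit."""
    return [pair[bit] for pair, bit in zip(private, _digest_bits(message))]


def verify(public: list[tuple[bytes, bytes]], message: bytes, signature: list[bytes]) -> bool:
    """Each revealed value must hash to the public value selected by the message bit."""
    if len(signature) != BITS:
        return False
    ok = True
    for pair, bit, revealed in zip(public, _digest_bits(message), signature):
        ok &= hmac.compare_digest(hashlib.sha256(revealed).digest(), pair[bit])
    return ok


def demo() -> dict[str, bool]:
    """Sender signs a document; receiver signs a receipt over the exact bytes received."""
    sender_priv, sender_pub = keygen()
    receiver_priv, receiver_pub = keygen()
    document = b"Purchase order #4711: 20 units at 15.00 EUR"  # constructed document
    doc_sig = sign(sender_priv, document)
    # The receipt binds the acknowledgement to the document's hash, so the
    # receiver cannot later claim to have received something different.
    receipt = b"received:" + hashlib.sha256(document).hexdigest().encode()
    receipt_sig = sign(receiver_priv, receipt)
    tampered = document.replace(b"20 units", b"200 units")
    return {
        "document_valid": verify(sender_pub, document, doc_sig),
        "receipt_valid": verify(receiver_pub, receipt, receipt_sig),
        "tampered_rejected": not verify(sender_pub, tampered, doc_sig),
        "wrong_signer_rejected": not verify(receiver_pub, document, doc_sig),
    }


if __name__ == "__main__":
    for check, passed in demo().items():
        print(f"{check:22} {passed}")
```

The last two checks are the substance of non-repudiation: a changed document no longer matches the signature, and the receiver's public key does not verify the sender's signature, so the sender cannot claim the receiver forged it.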
- Key Takeaways:
  - Strong authentication, authorization, and access control are necessary for robust security.
  - Logs, tracking, cookies, and browsing history are used for troubleshooting and security analysis.
  - Non-repudiation methods like video, biometrics, signatures, and receipts ensure that actions cannot be denied after they occur.
The video emphasizes balancing these security measures to prevent misuse, ensuring that permissions are carefully managed, and using strong authentication practices.