 Now, let's look at network security. Now in network security, we again have authentication, authorization. Here let's talk a bit more about authentication. In authentication, we these days use a multi-factor authentication. So what do we mean by multi-factor? Certain things, say knowledge about some information, a certain possession and a certain inheritance of you can prove that you are the right person. So what do we mean by that? Knowledge is something like a password, something that you remember. Inheritance is say your iCard, something that you possess because you belong to the company. And inheritance is something that has been with you since you were born. For example, your fingerprints or your iris. So by using these three different factors, you could authenticate yourself. Now depending on how confidential it is, we could use either or a multiple of them. Now these days, we also have something called location. For example, if there are certain systems which can only be accessed from say a given location, then you can have authentication factors which check where you are right now and only then allow you to enter. For example, if there is a very machine critical server somewhere and it can only be accessed from the server room, then the access can only happen while you are on the server or on the machine. So remote access is not allowed. But now let us look at authorization. So on a network, authorization is divided into two parts, which is the network policy of authorization and the user policy. So the network policy means that who is authorized to enter which part of the network. So unlike there is a guest who has come to the company, he is maybe just authorized to access the internet. Whereas a person who is working as a network engineer or say a security engineer is able to access a confidential network called the out of band management network in companies which basically is used to manage network devices. The standard employees of the company who are not involved in the networking roles do not even have access to that network. So the network policy determines which part of the network do you have access to. Similarly, there is a user policy. So in user policy, what you have is which applications do you have access to or which systems do you have access to. So this policy basically determines the applications or say which systems which a user can access.