In this chapter we covered authentication, the process of verifying the identity of the user attempting to access a computer or other network resource. Once a user's identity has been proven to a reasonable level, authorization can occur. Windows XP Professional can provide total authentication services or it can interoperate with Windows NT, Windows 2000, and Windows 2003.The specific procedures of Windows XP authentication were covered including Kerberos and NTLM and how the log-on process works with each of these authentication types. Also covered in this chapter were new authentication features within Windows XP and best practices for configuration and management of Windows XP authentication. From here we move to the next step for a user to access a network resource or computer. Authorization, or determining that a verified user has been granted permission to access a specific resource or given the right to perform a specific task, is covered in the next chapter.