---
type: "rule"
title: "R-CRED"
description: "Credential acquisition maps to the enabling cluster."
resource: "tlctc:rule:R-CRED"
tags:
  - "taxonomy"
  - "rule"
  - "must"
enforcement_level: "must"
machine_enforceable: false
---
# R-CRED

Credential acquisition maps to the enabling cluster. Credential application (use of the credential to authenticate) is ALWAYS classified as #4 Identity Theft, regardless of the acquisition method. These are separate attack steps.

# Schema

- **Enforcement level:** must
- **Machine enforceable:** false