| Factor | Example |
| --- | --- |
| Something you know. | Client logs in with username and password. |
| Something you have. | Client logs in using credentials and token. |
| Something you are. | Client uses fingerprints with credentials. |
| Something you do. | Required action completed with credentials. |
| Somewhere you are. | Geolocation confirmation with credentials. |

When implementing single-factor authentication, it is best to know all the pros and cons that come along with it. One of the first cons is that a username can easily be guessed based on common usage. Another con is the lack of strong passwords created by end users. Even if a policy is in place, most users do not abide by it, and therefore security is at risk. The only pro I could imagine for single-factor authentication is the cost, as it is extremely affordable.
Utilizing multi-factor authentication may cost more, but your network security would be stronger overall. No matter which factor is chosen, it will strengthen your security, but at a cost. A con aside from the cost would be problematic hardware leaving clients unable to log in. A pro, aside from a stronger security system, would be the money saved by avoiding the data loss that could occur if it were not in use.
The main key to layered security and defense in depth is in the name. It all comes down to ensuring that multiple layers of security have been implemented. If you only have one layer of security, it is easier to break in and remove the data being protected. If multiple layers of security are utilized properly, an attacker would have to break through further layers, which would be difficult.
An analogy that explains layered security and defense in depth in the physical world is the security used for a data center. For a building in the middle of the city, there is a security guard and concrete posts before the front doors. The next layer of security is the guards inside and the key card access required to use the elevators. The third layer of security is the multiple doors and key card locks to enter the room containing the servers.
Transitive access can be explained simply: if you trust your significant other and he or she trusts another person, then you would trust that person. For example, you trust your significant other's family simply because he or she trusts them. If he or she did not trust them, then you would not trust them either.
The transitive access technique can be extremely important within larger networks, as it is easier to set up and maintain. Simply put, no intervention by administrators is required to establish trusts. The only problem with this technique is that it allows hackers to acquire more trusts than normal when joining a domain.
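
The downside described above, that transitive trust grants more access than anyone explicitly configured, can be audited by listing every trust that exists only by implication. This is an added example, not code from the original post; the domain names and trust list are constructed sample data, and the function names are hypothetical.

```python
from collections import deque

# Constructed sample data: direct trusts an administrator configured.
# Each pair (A, B) means "domain A trusts domain B".
DIRECT_TRUSTS = [
    ("corp.example", "eng.example"),
    ("eng.example", "lab.example"),
    ("lab.example", "partner.example"),
    ("hr.example", "corp.example"),
]

def build_graph(trusts):
    """Turn (truster, trusted) pairs into an adjacency map."""
    graph = {}
    for truster, trusted in trusts:
        graph.setdefault(truster, set()).add(trusted)
        graph.setdefault(trusted, set())
    return graph

def effective_trusts(graph, domain):
    """Every domain that `domain` ends up trusting when trust is transitive."""
    seen, queue = set(), deque(graph.get(domain, ()))
    while queue:
        current = queue.popleft()
        if current in seen or current == domain:
            continue  # already counted, or a trust cycle back to the start
        seen.add(current)
        queue.extend(graph.get(current, ()))
    return seen

def implied_trusts(trusts):
    """Trust pairs that exist only through transitivity, never configured directly."""
    graph = build_graph(trusts)
    direct = set(trusts)
    implied = set()
    for domain in graph:
        for trusted in effective_trusts(graph, domain):
            if (domain, trusted) not in direct:
                implied.add((domain, trusted))
    return sorted(implied)

if __name__ == "__main__":
    for truster, trusted in implied_trusts(DIRECT_TRUSTS):
        print(f"{truster} implicitly trusts {trusted}")
```

Four configured trusts produce six implied ones here, including hr.example trusting partner.example, which no administrator set up.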

| Access Control Method | Definition |
| --- | --- |
| Mandatory | How access is allowed is entirely predefined and inflexible. |
| Discretionary | Flexible in how access is allowed, and allows users to share. |
| Role-Based | Roles established within a specific job function for the period. |
| Rule-Based | Preconfigured policies to allow or deny users on a list. |

| Protocol | Definition | Use |
| --- | --- | --- |
| PPTP | Encapsulates in a single point-to-point environment. | VPN tunneling. |
| L2F | Provides authentication, but no encryption. | Remote connections. |
| L2TP | PPTP and L2F hybrid that can be utilized to bridge across multiple systems. | Bridge multiple kinds of systems. |
| SSH | Utilizes encryption to launch a safe connection between two systems. | Remote connections. |
| IPSec | Provides safe verification and encryption of data and headers. | VPN tunneling. |