Which three NTP operating modes must the trusted-Key command be configured on for authentication to operate properly?

Which three NTP operating modes must the trusted-Key command be configured on for authentication to operate properly? (Choose Three)
A. interface
B. client
C. peer
D. server
E. broadcast

cisco-exams

7 thoughts on “Which three NTP operating modes must the trusted-Key command be configured on for authentication to operate properly?

  1. The correct answer is BCE. Emphasis on “MUST” the trusted-key commands be configured.

    We have four NTP operational modes
    1. Client
    2. Peer
    3. Server
    4. Broadcast/Multicast

    Routers do not circulate broadcast messages, so Broadcast mode is used in same subnet. Broadcast modes is purposed for configurations featuring one or a few severs or a potentially large network. you can use trusted-key in same subnet, but it is not a must.

  2. BCE
    question is about key is about “trusted-Key”.
    in NTP auth is requested by client not by server as any other proto.
    So server always send all keys he haves.
    Only receiver check is one of received keys from server is a trusted one.
    So trusted-Key is only on receiver modes, so any except server.

  3. (config)#ntp peer 1.1.1.1 key ?
    Peer key number
    (config)#ntp server 1.1.1.1 key ?
    Peer key number
    (config-if)#ntp broadcast key ?
    Broadcast key number

    CDE

  4. Answer B-C-D:
    Clients, Server and Peers need the trusted-key command to authenticate their time sources (either a server or another peer).

  5. In my opinion the correct answers are B,C,D because we can configure the broadcast under interface level and there isn’t trusted-key command.
    R1(config-if)#ntp broadcast ?
    client Listen to NTP broadcasts
    destination Configure broadcast destination address
    key Configure broadcast authentication key
    version Configure NTP version

Leave a Reply

Your email address will not be published. Required fields are marked *


The reCAPTCHA verification period has expired. Please reload the page.