Which two statements about IS-IS authentication are true? (Choose two.)
A. Level 2 LSPs transmit the password encrypted inside the IS-IS PDU.
B. Area and domain authentication must be configured together.
C. Passwords can be configured on a per-interface basis.
D. If LSP authentication is in use, unauthorized devices can form neighbor adiacencies.
E. Lever 1 LSPs use the domain password.
So the correct answers are B and C I think.
B is not correct. They are not required together. Area for L1, domain for L2.
I agree with Tim; A, C
Answers should be A and C.
IS-IS authentication is configured in a somewhat peculiar way: IIH packets are authenti-cated independently of LSP, CSNP, and PSNP packets.
Authentication in IS-IS can be activated independently for IIH and independently for non-IIH (LSP, CSNP, PSNP) packets. IIH authentication is configured on interfaces and applies only to IIH packets exchanged with directly connected neighbors. Therefore, different interfaces of a router can use different IIH passwords. However, if non-IIH packets are to be authenticated, the same type of authentication and the same password must be configured on all routers in an area if L1 non-IIH authentication is used, or on all L2 routers in the domain if L2 non-IIH authentication is used. This behavior is unique to IS-IS: While IIH can be authenticated on each interface independently, authentication of non-IIH packets must be consistent across the entire area for L1, and across the entire domain for L2. While IIH can be authenticated on each interface independently, authentication of non-
IIH packets must be consistent across the entire area for L1, and across the entire domain for L2.
In other words, LSP authentication has no impact on IIH authentication