nerdexam
Cisco

350-401 · Question #176

Which two security features are available when implementing NTP? (Choose two )

The correct answer is D. encrypted authentication mechanism E. access list-based restriction scheme. NTP provides security through encrypted authentication mechanisms to verify message authenticity and access list-based restriction schemes to control which clients can synchronize or query.

Submitted by kevin_r· Mar 6, 2026

Question

Which two security features are available when implementing NTP? (Choose two )

Options

  • Asymmetric server passwords
  • Bdock offset authentication
  • Cbroadcast association mode
  • Dencrypted authentication mechanism
  • Eaccess list-based restriction scheme

How the community answered

(41 responses)
  • A
    2% (1)
  • B
    5% (2)
  • C
    2% (1)
  • D
    90% (37)

Why each option

NTP provides security through encrypted authentication mechanisms to verify message authenticity and access list-based restriction schemes to control which clients can synchronize or query.

Asymmetric server passwords

While NTP uses symmetric keys for authentication, 'symmetric server passwords' is not a standard or accurate term for the security feature; the core feature is encrypted authentication using shared symmetric keys.

Bdock offset authentication

'Dock offset authentication' is not a recognized NTP security feature or term; NTP focuses on authenticating the source and integrity of time messages, not a concept like 'dock offset'.

Cbroadcast association mode

Broadcast association mode is an operational mode for NTP, not a security feature; it allows clients to discover NTP servers but inherently provides less security than unicast or authenticated modes due to its broadcast nature.

Dencrypted authentication mechanismCorrect

NTP uses cryptographic authentication, such as MD5 or SHA, to verify the authenticity of NTP messages and prevent unauthorized time modifications by ensuring that messages originate from trusted sources.

Eaccess list-based restriction schemeCorrect

NTP supports access lists (ACLs) to restrict access to the NTP server, allowing administrators to define which hosts or networks are permitted to synchronize time or query the server, thus controlling who can interact with the NTP service.

Concept tested: NTP security features and access control

Source: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp/configuration/xe-3s/ipapp-xe-3s-book/ipa-ntp.html

Topics

#NTP security#NTP authentication#NTP access control

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice