nerdexam
Cisco

350-401 · Question #887

You want to securely implement the Network Time Protocol (NTP) on your network. What two mechanisms are available to secure NTP? (Choose two.)

The correct answer is B. MD5 authentication keys D. access-group configuration. NTP security can be implemented using MD5 authentication keys to ensure the authenticity of time sources and access control lists (access-groups) to restrict which devices can interact with the NTP server.

Submitted by lukas.cz· Mar 6, 2026

Question

You want to securely implement the Network Time Protocol (NTP) on your network. What two mechanisms are available to secure NTP? (Choose two.)

Options

  • AIPSec communication
  • BMD5 authentication keys
  • CRole based access control (RBAC)
  • Daccess-group configuration

How the community answered

(57 responses)
  • A
    4% (2)
  • B
    88% (50)
  • C
    9% (5)

Why each option

NTP security can be implemented using MD5 authentication keys to ensure the authenticity of time sources and access control lists (access-groups) to restrict which devices can interact with the NTP server.

AIPSec communication

IPSec communication can secure general network traffic, but it is not a native or built-in authentication mechanism specific to the NTP protocol itself for securing its operations.

BMD5 authentication keysCorrect

MD5 authentication keys provide a cryptographic method to verify the identity of NTP peers, ensuring that time synchronization messages are accepted only from trusted sources and protecting against unauthorized time modifications.

CRole based access control (RBAC)

Role-based access control (RBAC) is an authorization model for managing user permissions to systems or applications, not a direct security mechanism for the NTP protocol's communication or time synchronization.

Daccess-group configurationCorrect

Access control lists (ACLs) or access-groups can be configured on network devices to filter incoming and outgoing NTP traffic, allowing administrators to define specific IP addresses or subnets that are permitted to query or provide NTP services, thereby limiting exposure.

Concept tested: NTP security mechanisms

Source: https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ntp/configuration/xe-3s/ntp-xe-3s-book/ntp-config-ntp-auth.html

Topics

#NTP security#MD5 authentication#Access Control Lists

Community Discussion

No community discussion yet for this question.

Full 350-401 Practice