350-701 Question #308: Real Exam Question with Answer & Explanation

Question

Refer to the exhibit. A network engineer is testing NTP authentication and realizes that any device synchronizes time with this router and that NTP authentication is not enforced. What is the cause of this issue?

Options

• AThe hashing algorithm that was used was MD5 which is unsupported.
• BThe key was configured in plain text.
• CNTP authentication is not enabled.
• DThe router was not rebooted after the NTP configuration updated

Explanation

The issue of unenforced NTP authentication, despite some configuration, usually stems from not explicitly enabling the authentication mechanism after defining the cryptographic keys.

Common mistakes.

• A. MD5 is a widely supported hashing algorithm for NTP authentication and would not typically cause authentication to fail to be enforced.
• B. While configuring keys in plain text is a security vulnerability, it does not prevent NTP authentication from functioning correctly if it is enabled and the key matches.
• D. NTP configuration changes, including enabling authentication, usually take effect dynamically and do not require a router reboot.

Concept tested. NTP authentication configuration

Reference. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipapp/configuration/xe-16/iap-xe-16-book/iap-ntp.html

No community discussion yet for this question.