CCIE Security Exam 400-251: OSPF Authentication Types

OSPF Authentication Types

Prev Question Next Question

Question

Which three authentication types does OSPF support? (Choose three.)

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D. E. F.

ABC.

OSPF (Open Shortest Path First) is a widely used interior gateway protocol (IGP) for routing in large enterprise networks. It supports several types of authentication for securing the OSPF protocol communication between routers.

The three authentication types that OSPF supports are:

  1. Null authentication: With null authentication, OSPF packets are not authenticated and any router that receives the packet can trust it. This authentication type is not recommended for security-conscious networks.

  2. Plain-text authentication: With plain-text authentication, the authentication key is transmitted in clear text format. The receiving router compares the received key with its own key to authenticate the packet. This authentication type is not recommended for security-conscious networks as the authentication key can be easily intercepted and compromised.

  3. MD5 authentication: With MD5 authentication, the authentication key is hashed using the MD5 algorithm before transmission. The receiving router performs the same hashing process to authenticate the packet. This authentication type is recommended for security-conscious networks as it provides better security than plain-text authentication.

The other authentication types mentioned in the question, PAP, PEAP, and MS-CHAP, are not supported by OSPF. PAP (Password Authentication Protocol) and MS-CHAP (Microsoft Challenge Handshake Authentication Protocol) are authentication protocols used in Point-to-Point Protocol (PPP) for remote access connections. PEAP (Protected Extensible Authentication Protocol) is an authentication protocol commonly used for wireless networks.

In summary, OSPF supports three authentication types: null, plain-text, and MD5. Among these, MD5 is the recommended authentication type for securing OSPF protocol communication in security-conscious networks.