Cisco Network Time Protocol (NTP)

Hello Boris

For the client/server modes, NTP authentication involves configuring a trusted key on the server, and a corresponding key on the clients as well. Here it is the clients that authenticate the server. If you configure the server but do nothing to the clients, they will accept the NTP packets as they are, even though the server is sending authentication information. In the lesson, Rene shows how the clients can be configured to authenticate the server. Note that the clients also include the ntp server <ip address> key <key_number> command, which specifies which server should be authenticated.

For NTP peers, the configuration is almost the same except that the command is now ntp peer <ip address> key <key_number> which indicates that the specific peer should be authenticated.

As for NTP broadcast mode, it is always best practice to enable authentication. When you configure NTP broadcast client mode (as opposed to NTP static client mode), the device is configured to passively listen for NTP broadcasts. You can apply authentication to this as well in the same manner as done in the client/server modes.

I hope this has been helpful!

Laz

1 Like
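
The point made in the reply above, that a client only authenticates the servers and peers it has been given a key for, can be checked across saved configurations. The following is an added example, not part of the original post or the lesson: a short Python audit of a client's NTP lines, run here on a constructed sample configuration. The function name, addresses and key strings are made up, and the parser assumes the address directly follows `server` or `peer` and that each `ntp trusted-key` line names a single key.

```python
import re

# Constructed sample of a client's NTP configuration (addresses and keys are made up).
SAMPLE_CONFIG = """\
ntp authentication-key 1 md5 EXAMPLE_KEY_1
ntp authentication-key 2 md5 EXAMPLE_KEY_2
ntp authenticate
ntp trusted-key 1
ntp server 192.0.2.1 key 1
ntp server 192.0.2.2
ntp peer 192.0.2.3 key 2
ntp broadcast client
"""

def audit_ntp_auth(config):
    """Return (subject, problem) pairs for NTP associations lacking authentication."""
    lines = [ln.strip() for ln in config.splitlines()]
    defined = set(re.findall(r"^ntp authentication-key (\d+) ", config, re.M))
    trusted = set(re.findall(r"^ntp trusted-key (\d+)\s*$", config, re.M))
    auth_on = "ntp authenticate" in lines
    findings = []
    if not auth_on:
        findings.append(("global", "'ntp authenticate' is not enabled"))
    for ln in lines:
        tok = ln.split()
        # Assumption: the address directly follows 'server'/'peer' (no vrf keyword).
        if len(tok) >= 3 and tok[0] == "ntp" and tok[1] in ("server", "peer"):
            addr = tok[2]
            # 'key' must be followed by a key number, so it cannot be the last token.
            key = tok[tok.index("key") + 1] if "key" in tok[3:-1] else None
            if key is None:
                findings.append((addr, "no key on this association"))
            elif key not in defined:
                findings.append((addr, f"key {key} is not defined"))
            elif key not in trusted:
                findings.append((addr, f"key {key} is not a trusted key"))
    # A broadcast client has no per-server key, so it depends on the global settings.
    if "ntp broadcast client" in lines and not (auth_on and trusted):
        findings.append(("broadcast client", "listening without authentication"))
    return findings

if __name__ == "__main__":
    for subject, problem in audit_ntp_auth(SAMPLE_CONFIG):
        print(f"{subject}: {problem}")
```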