
Version 4.1 - 1.5 Routing Protocols Part 1

Although this is also a large topic, we can pretty much chop this down to a manageable size by looking at only the basics of the protocol and the specifics of the security features. On the R/S exam it is reversed.

Let's start with RIP. The Cisco Documentation for RIP covers the basics. It's worth a good scan of the page to refresh your memory. RIP is a classical distance-vector protocol that uses hop count. A hop count of 16 is unreachable. There are two versions, RIPv1 and RIPv2. Remember you can send and receive version 1, 2 or both. RIP is normally a broadcast protocol, but can send unicast updates if you configure the neighbor. RIP Version 2 supports authentication, key management, route summarization, CIDR, and VLSMs. RIP Version 1 does not support authentication. [I really don't know why anyone would bother using RIPv1.] The "gotchas" of RIP relate to split-horizon and automatic summarization. Look for discontiguous networks - which would be summarized and might be ignored. But that's more relevant when trying to get this to work versus making it secure.

Let's focus on RIPv2 authentication. This can be either plain text or MD5. Plain text authentication sends the "secret" in the update packets. This is about as secure as a combination lock that has the combo on the back of it. You have to configure a key chain to enable RIP authentication. If you need specifics, Cisco has a Sample Configuration for Authentication in RIPv2. It covers step-by-step both plain text and MD5 authentication.
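To make the plain text versus MD5 difference concrete, here is an added example (not from the Cisco documentation or the original post) that classifies the authentication entry in a RIP update payload, using the field layouts from RFC 2453 (simple password) and RFC 2082 (keyed MD5). The function names, the sample payloads and the "labsecret" key are constructed for illustration.

```python
import struct

AUTH_AFI = 0xFFFF            # address-family value that marks an authentication entry
AUTH_PLAIN, AUTH_MD5 = 2, 3  # RFC 2453 simple password / RFC 2082 keyed MD5

def classify_rip_auth(payload: bytes) -> dict:
    """Classify the authentication carried in one RIP UDP payload (port 520)."""
    if len(payload) < 4:
        raise ValueError("truncated RIP header")
    result = {"version": payload[1], "auth": "none", "secret_exposed": False}
    if payload[1] < 2 or len(payload) < 24:
        return result                       # RIPv1 has no authentication entry
    afi, auth_type = struct.unpack_from("!HH", payload, 4)
    if afi != AUTH_AFI:
        return result                       # first entry is an ordinary route
    if auth_type == AUTH_PLAIN:
        secret = payload[8:24].rstrip(b"\x00")   # password sits in the packet as-is
        result.update(auth="plaintext", secret_exposed=True,
                      secret=secret.decode("ascii", "replace"))
    elif auth_type == AUTH_MD5:
        _len, key_id, data_len, seq = struct.unpack_from("!HBBI", payload, 8)
        result.update(auth="md5", key_id=key_id, auth_data_len=data_len, sequence=seq)
    else:
        result["auth"] = f"unknown({auth_type})"
    return result

def weak_updates(payloads):
    """Return (index, auth) for every update not protected by keyed MD5."""
    return [(i, r["auth"]) for i, p in enumerate(payloads)
            if (r := classify_rip_auth(p))["auth"] != "md5"]

# Constructed sample payloads (one route to 10.1.0.0/16, metric 1); not real captures.
ROUTE = struct.pack("!HH4s4s4sI", 2, 0, bytes([10, 1, 0, 0]),
                    bytes([255, 255, 0, 0]), bytes(4), 1)
HDR_V2 = bytes([2, 2, 0, 0])                # command = response, version = 2
SAMPLE_NONE = HDR_V2 + ROUTE
SAMPLE_PLAIN = HDR_V2 + struct.pack("!HH16s", AUTH_AFI, AUTH_PLAIN, b"labsecret") + ROUTE
SAMPLE_MD5 = (HDR_V2 + struct.pack("!HHHBBI8x", AUTH_AFI, AUTH_MD5, 44, 1, 16, 7)
              + ROUTE + struct.pack("!HH16s", AUTH_AFI, 1, bytes(16)))  # placeholder digest

if __name__ == "__main__":
    for name, pkt in [("none", SAMPLE_NONE), ("plain", SAMPLE_PLAIN), ("md5", SAMPLE_MD5)]:
        print(name, classify_rip_auth(pkt))
```

With MD5 the update carries only a key ID, a sequence number and a trailing digest, so the key chain's key-string never appears on the wire.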

RIPng or RIP for IPv6 was a bit more difficult to find. Implementing RIP for IPv6 is where I finally found it - under IPv6 rather than RIP. [I really expected a link at the bottom of RIP under related technologies.] An interesting feature is NSF (Nonstop Forwarding) for RIP IPv6. The RIP 224.0.0.9 address used in IPv4 is now FF02::9 in IPv6. The item missing from the IPv6 documentation is authentication. It's the same as IPv4, but you would think they would include it in the IPv6 documentation for completeness.

Let's move on to EIGRP. There is much more about EIGRP in the Cisco Documentation. EIGRP is a Cisco-proprietary enhanced distance vector protocol. It uses the DUAL algorithm to calculate the shortest path. The metric is calculated from K values (K1 through K5) - but with most of them having a default value of 0, this shakes out to bandwidth + delay. This is the protocol with the Feasible Distance, Feasible Successor, Split Horizon (like RIP) and Poison Reverse. If these terms are not immediately familiar to you, read the information in the link above. This is also the protocol with the Queries and Stuck-In-Active.

Once you learn/review EIGRP, you have to go to a separate page to find EIGRP Message Authentication. It's a step-by-step example, but there is also another page Configuring EIGRP Authentication which is a bit more general. Both sites are not as "meaty" as I would like, but basically - you're doing MD5 with a key chain for authentication.

There's not a lot of information for EIGRP on IPv6. The doc covers an example configuration - which is basically EIGRP with IPv6 addresses. It took a lot of looking, but I did find a really good Implementing EIGRP for IPv6 section in the Cisco Documentation. Under the "Restrictions for Implementing EIGRP for IPv6" note that it's directly configured on the interfaces over which it runs. There is no network statement in EIGRP for IPv6.

Some of the security features for these protocols are protocol independent and are not mentioned in the discussion above. Those items (such as passive-interface) will be discussed after the specific protocols.
