Set the mod_cluster advertise security key.
No, this is a wrong step at this point and you couldn't have possibly started the EAP server with this configuration at this point. The Front-End load balancing server doesn't even have the modcluster subsystem loaded.
On the balancer side, advertise security key could be set in Undertow subsystem, in its mod_cluster filter. The worker node counterpart is configured in mod_cluster subsystem. On its own, it is by no means a security measure of any description. It does not replace proper https configuration for the MCMP. The only thing it does is that workers pair only with those balancers with the same shared secret.
This configuration is not pertinent to a basic first walkthrough.
Once you have the advertise security key and socket binding set up, you need to add the mod_cluster filter to Undertow for the load balancer instance of JBoss EAP.
Again, it holds only if you want to use that feature on all workers and your balancers. It is IMHO superfluous in an article on the first encounter with the balancer setup though.