If my understanding is correct, when the DTS is executed by the job, if the DTS uses 'Windows authentication' on the connection steps, the credentials associated with the sql server agent log on (from the machine where the job is running), will be used for authentication. Is this correct?

Not necessarily.  It depends on the owner of the job, or the Run as user setting on the job step.  If that user is in the sysadmin role, it should use the SQL Server agent account for authentication.  If that user is not in the sysadmin role group, it will use the SQL Server Agent proxy account that is defined.  If the proxy account is not defined, the job step will fail.  See Handling Package Security in DTS in BOL for more on this.