Cisco Exam Questions

Which statement about extended access lists is true?

Which statement about extended access lists is true?

A.
Extended access lists perform filtering that is based on source and destination and are most
effective when applied to the destination

B.
Extended access lists perform filtering that is based on source and destination and are most
effective when applied to the source

C.
Extended access lists perform filtering that is based on destination and are most effective when
applied to the source

D.
Extended access lists perform filtering that is based on source and are most effective when
applied to the destination

Explanation:
Standard ACL
1) Able Restrict, deny & filter packets by Host Ip or subnet only.
2) Best Practice is put Std. ACL restriction near from Source Host/Subnet (Interface-Inbound).
3) No Protocol based restriction. (Only HOST IP).
Extended ACL
1) More flexible then Standard ACL.
2) You can filter packets by Host/Subnet as well as Protocol/TCPPort/UDPPort.
3) Best Practice is put restriction near form Destination Host/Subnet. (Interface-Outbound)