5.2.b Implement and troubleshoot router security features

5.2.b [i] IPv4 access control lists [standard, extended, time-based]

Cisco provides basic traffic filtering capabilities with access control lists (also referred to as access lists). Access lists can be configured for all routed network protocols (IP, AppleTalk, and so on) to filter the packets of those protocols as the packets pass through a router.

Access lists filter network traffic by controlling whether routed packets are forwarded or blocked at the router’s interfaces. The router examines each packet to determine whether to forward or drop it, on the basis of the criteria you specified within the access lists. Access list criteria could be the source address of the traffic, the destination address of the traffic, the upper-layer protocol, or other information. Note that sophisticated users can sometimes successfully evade or fool basic access lists because no authentication is required.

Standard ACLs are the oldest type of ACL. Standard ACLs control traffic by comparing the source address of each IP packet with the addresses configured in the ACL.
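
The source-address comparison described above, modeled in Python as an added example (not Cisco's code and not part of the original page). The ACL number, addresses and function names are constructed for illustration; the wildcard-mask matching, top-down first-match order and implicit final deny follow standard IOS behaviour.

```python
import ipaddress

# Constructed sample: a numbered standard ACL in IOS syntax (not from the page).
SAMPLE_ACL = """\
access-list 10 deny host 192.168.10.50
access-list 10 permit 192.168.10.0 0.0.0.255
access-list 10 permit 10.1.0.0 0.0.255.255
"""

def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def parse_standard_acl(text):
    """Return a list of (action, base, wildcard) entries in configured order."""
    entries = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "access-list":
            continue
        action, spec = tok[2], tok[3:]
        if action not in ("permit", "deny"):
            raise ValueError(f"unsupported action: {line!r}")
        if spec[0] == "any":
            base, wild = 0, 0xFFFFFFFF
        elif spec[0] == "host":
            base, wild = _to_int(spec[1]), 0
        else:
            # A bare address with no wildcard mask is treated as a single host.
            base = _to_int(spec[0])
            wild = _to_int(spec[1]) if len(spec) > 1 else 0
        entries.append((action, base, wild))
    return entries

def evaluate(entries, src):
    """First matching entry wins; only the source address is inspected."""
    s = _to_int(src)
    for action, base, wild in entries:
        # Wildcard bits set to 1 are ignored; bits set to 0 must match.
        care = ~wild & 0xFFFFFFFF
        if (s & care) == (base & care):
            return action
    return "deny"  # implicit deny at the end of every ACL

if __name__ == "__main__":
    acl = parse_standard_acl(SAMPLE_ACL)
    for src in ("192.168.10.50", "192.168.10.7", "10.1.200.9", "172.16.0.1"):
        print(f"{src:15} -> {evaluate(acl, src)}")
```

Because evaluation stops at the first match, the host deny only takes effect when it is listed before the broader permit for the same subnet.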

