What Does ACL Mean in 200-301? — Definition & Guide

Full Definition

ACLs filter traffic based on source IP, destination IP, protocol, and port number. They are applied to a router interface in a direction: inbound (traffic entering the interface) or outbound (traffic leaving the interface). Standard ACLs (numbered 1–99) filter by source IP only and are applied close to the destination. Extended ACLs (numbered 100–199) filter by source, destination, protocol, and port, and are applied close to the source. ACLs process rules in order and stop at the first match; an implicit 'deny all' is always at the end.

CLI Command

access-list 10 permit 192.168.1.0 0.0.0.255
access-list 100 permit tcp 10.0.0.0 0.0.0.255 any eq 80
interface GigabitEthernet0/0
 ip access-group 100 in

Exam Trap — Don't Get Fooled

The implicit 'deny all' at the end of every ACL is invisible but always present. Forgetting it is a common mistake. Also, ACL rules are checked in sequence — more specific rules must come before general rules.

Related 200-301 Terms

Wildcard Mask

The inverse of a subnet mask, used in ACLs and OSPF network statements.

NAT

A technique that translates private IP addresses to public IP addresses for Internet access.

Port Security

A switch feature that limits the number of MAC addresses allowed on a port.

Frequently Asked Questions

What does ACL mean on the 200-301 exam?

ACLs filter traffic based on source IP, destination IP, protocol, and port number. They are applied to a router interface in a direction: inbound (traffic entering the interface) or outbound (traffic leaving the interface). Standard ACLs (numbered 1–99) filter by source IP only and are applied close to the destination. Extended ACLs (numbered 100–199) filter by source, destination, protocol, and port, and are applied close to the source. ACLs process rules in order and stop at the first match; an implicit 'deny all' is always at the end.

How does ACL appear as a trap on the 200-301?

The implicit 'deny all' at the end of every ACL is invisible but always present. Forgetting it is a common mistake. Also, ACL rules are checked in sequence — more specific rules must come before general rules.

How important is ACL on the 200-301 exam?

ACL falls under the Security domain of the 200-301 exam. Understanding it in context with related terms like wildcard-mask and nat is essential for answering scenario-based questions correctly.