Explanation/Reference:
Section: Considerations for Expanding an Existing Network Explanation
Explanation:
Standard IP access control lists (ACLs) can be numbered in the range from 1 through 99 or from 1300 through 1999 and can filter traffic from a specific host or a specific network. ACLs are used to control packet flow across a network. For example, you could use an ACL on a router to restrict a specific type of traffic, such as Telnet sessions, from passing through a corporate network. There are two types of IP ACLs: standard and extended. Standard IP ACLs can be used to filter based only on source IP addresses; standard IP ACLs cannot be used to filter based on source and destination address. Standard ACLs should be placed as close to the destination as possible so that other traffic originating from the source address is not affected by the ACL.
Extended IP ACLs enable you to permit or deny packets based on not only source IP address but destination network, protocol, or destination port. In contrast to standard IP ACLs, extended IP ACLs should be placed as close to the source as possible. This ensures that traffic being denied by the ACL does not unnecessarily traverse the network. Extended ACLs have access list numbers from 100 through
199 and from 2000 through 2699.
Reference:
CCDA 200-310 Official Cert Guide, Chapter 13, Identity and Access Control Deployments, pp. 532-533 Cisco: Configuring IP Access Lists