What are ACLs (Access Control Lists)?
Why Interviewers Ask This
This question targets practical, hands-on experience with Networking. Interviewers want to see if you've worked with these concepts in real projects, not just read about them. Strong answers include concrete examples.
Answer
ACLs (Access Control Lists) are ordered lists of rules on a router or firewall that permit or deny traffic based on criteria such as source/destination IP, protocol, and port. Each rule is evaluated sequentially: when a match is found, the action (permit/deny) is taken and processing stops. If no rule matches, an implicit deny-all at the end of the list drops the packet, so rule order matters and a broad rule placed early can make later rules unreachable.

Types:
Standard ACLs filter on source IP only (simple).
Extended ACLs filter on source/destination IP, protocol, and port (more powerful).

Cisco example: access-list 101 deny tcp 192.168.1.0 0.0.0.255 any eq 23 (blocks Telnet from the 192.168.1.0/24 subnet to any destination; 0.0.0.255 is a wildcard mask, the inverse of a subnet mask, where 0 bits must match and 1 bits are ignored).

ACL placement: place standard ACLs close to the destination (they match on source only, so applying them near the source would block that source's traffic to every destination, not just the intended one); place extended ACLs close to the source (filter early and avoid carrying unwanted traffic across the network). Modern firewalls use stateful inspection, which tracks connection state and goes beyond simple per-packet ACLs.
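The evaluation semantics described above (ordered rules, first match wins, implicit deny at the end) and the effect of rule order are easy to get wrong when reviewing a configuration. The following Python is an added example, not code from the original page or from any vendor: it models extended ACL rules with Cisco-style wildcard masks, evaluates a packet against an ACL the way a router would, and flags rules that can never match because an earlier rule already covers them. The Rule and Packet structures and the ACL named ACL_101 are this example's own constructed simplification of Cisco syntax, not a parser for real IOS configuration.

```python
"""First-match ACL evaluator with a shadowed-rule check (added example).

Rules are checked in order; the first matching rule's action is taken; a packet
that matches nothing hits the implicit deny-all. The rule/packet format is a
constructed simplification of Cisco extended-ACL syntax, not real IOS parsing.
"""
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import Optional

MASK32 = 0xFFFFFFFF


@dataclass(frozen=True)
class Packet:
    proto: str                  # "tcp", "udp" or "icmp"
    src: str                    # source IPv4 address
    dst: str                    # destination IPv4 address
    dport: Optional[int] = None # destination port, None for protocols without one


@dataclass(frozen=True)
class Rule:
    action: str                 # "permit" or "deny"
    proto: str                  # "ip" matches any protocol
    src: str                    # source network address
    src_wildcard: str           # Cisco wildcard mask: 0 bits must match, 1 bits ignored
    dst: str
    dst_wildcard: str
    dport: Optional[int] = None # None means any port (no "eq" clause)


def wildcard_match(addr: str, network: str, wildcard: str) -> bool:
    """Cisco wildcard semantics: 0.0.0.0 is an exact host, 255.255.255.255 is 'any'."""
    a, n, w = (int(IPv4Address(x)) for x in (addr, network, wildcard))
    fixed = ~w & MASK32            # bits the wildcard says must match
    return (a & fixed) == (n & fixed)


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    """True if the packet satisfies every criterion of the rule."""
    if rule.proto != "ip" and rule.proto != pkt.proto:
        return False
    if not wildcard_match(pkt.src, rule.src, rule.src_wildcard):
        return False
    if not wildcard_match(pkt.dst, rule.dst, rule.dst_wildcard):
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    return True


def evaluate(acl: list, pkt: Packet) -> tuple:
    """Return (action, index of the matching rule); (\"deny\", None) is the implicit deny."""
    for i, rule in enumerate(acl):
        if rule_matches(rule, pkt):
            return rule.action, i       # first match wins, processing stops here
    return "deny", None                 # implicit deny-all at the end of every ACL


def covers(wide: Rule, narrow: Rule) -> bool:
    """True if every packet matched by `narrow` is also matched by `wide`."""
    def net_covers(n1, w1, n2, w2):
        n1, w1, n2, w2 = (int(IPv4Address(x)) for x in (n1, w1, n2, w2))
        # wide's don't-care bits must be a superset of narrow's, and the fixed bits must agree
        return (w1 | w2) == w1 and (n1 & ~w1 & MASK32) == (n2 & ~w1 & MASK32)
    return (
        (wide.proto == "ip" or wide.proto == narrow.proto)
        and net_covers(wide.src, wide.src_wildcard, narrow.src, narrow.src_wildcard)
        and net_covers(wide.dst, wide.dst_wildcard, narrow.dst, narrow.dst_wildcard)
        and (wide.dport is None or wide.dport == narrow.dport)
    )


def shadowed_rules(acl: list) -> list:
    """Indices of rules that can never match because an earlier rule covers them."""
    return [j for j in range(len(acl)) if any(covers(acl[i], acl[j]) for i in range(j))]


ANY = ("0.0.0.0", "255.255.255.255")

# Constructed ACL 101: the page's Telnet deny first, then a permit for other TCP
# from the same subnet. Everything else falls through to the implicit deny.
ACL_101 = [
    Rule("deny",   "tcp", "192.168.1.0", "0.0.0.255", *ANY, dport=23),
    Rule("permit", "tcp", "192.168.1.0", "0.0.0.255", *ANY),
]

# Same two rules in the wrong order: the permit now hides the Telnet deny.
ACL_101_MISORDERED = [ACL_101[1], ACL_101[0]]

if __name__ == "__main__":
    for pkt in (Packet("tcp", "192.168.1.10", "10.0.0.5", 23),
                Packet("tcp", "192.168.1.10", "10.0.0.5", 443),
                Packet("tcp", "192.168.2.10", "10.0.0.5", 443)):
        print(pkt, "->", evaluate(ACL_101, pkt))
    print("shadowed in ACL_101:", shadowed_rules(ACL_101))
    print("shadowed in misordered ACL:", shadowed_rules(ACL_101_MISORDERED))
```

Running the script shows Telnet from the subnet hitting rule 0 (deny), other TCP from the subnet hitting rule 1 (permit), and traffic from a different subnet falling to the implicit deny. The shadowed-rule check reports nothing for ACL_101 but flags index 1 in the misordered list, which is exactly the review finding that matters in practice: the deny is present in the configuration but can never take effect.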
Pro Tip
Before answering, structure your response: one-line definition → real-world analogy → concrete example from a project. This makes even complex Networking answers easy to follow.