ACLs (Access-Lists) are used for filtering and classification. Filtering means that we use statements in access-lists to define what packets should be permitted or denied. Packets that are denied will be dropped. Classification means we use access-lists to “select” traffic. For example, we use them when we configure VPNs to define what traffic should be encrypted by the VPN. We also use them with QoS (Quality of Service) to select what packets we want to prioritize/drop and so on.