A set of rules that control the flow of network traffic.

The main idea is controlling how data moves through a network by applying a set of rules that filter packets. An Access Control List does this exactly: it’s an ordered collection of permit or deny statements applied to a network interface or device. Each rule specifies criteria such as source and destination IP addresses, protocol, and port numbers, and the first rule that matches determines whether the traffic is allowed or blocked. This lets you enforce security boundaries, limit access to services, and reduce exposure to unwanted traffic. The other options aren’t about filtering network traffic: an account policy governs user credentials and access rights, Active Desktop is a user interface feature, and Active Server Pages is a server-side web development technology.