How do standard and extended ACLs differ on Cisco devices?

Standard ACLs look at where the traffic is coming from—the source IP address—and don’t consider the destination, protocol, or port numbers. Extended ACLs are more flexible: they can filter based on both the source and destination IP addresses, the protocol (such as TCP, UDP, or ICMP), and even specific port numbers. That combination lets you allow or deny very particular kinds of traffic, like web traffic from one host to a specific server, or blocking a particular service between networks. So the correct description matches that standard ACLs filter by source IP only, while extended ACLs filter by source and destination IP plus protocol and ports. The other statements misrepresent what standard and extended ACLs examine (for example, mentioning hostname filtering or assigning a strict inbound/outbound constraint to one type only), which isn’t how Cisco ACLs are defined.