Extended access lists allow for more precise matching of network traffic than standard access lists by allowing specification of source/destination IP addresses, protocol, and port numbers. Two steps are required to configure an extended ACL: 1) use the access list command to define permit/deny rules and 2) apply the ACL to an interface. Extended ACLs can be used to allow certain users to access specific servers by IP and port while denying other traffic.