Joe has configured ACLs on a Cisco network device. The ACL he has configured is as follows: interface ethernet0 ip access-group 111 in ! access- list 111 deny tcp any any eq http access- list 111 permit ip any any access- list 111 deny tcp any any eq https What does this ACL do?

ACLs are interpreted in the order they are listed. This ACL is not properly written if it is intended to block HTTPS because the ACL order includes a rule that allows any traffic after the rule that blocks HTTP is processed. This means that traffic will first be checked to see if it is HTTP traffic. If it is not, it will be allowed, and thus will bypass the HTTPS block. It will not prevent web application attacks since HTTPS can pass the ACL, and no specific configuration is set for inspection of web traffic.