Which AWS services or features will support this requirement?
(Choose two.)
Amazon Elastic Block Store (Amazon EBS)
Network ACLs
Security groups
IAM password rotation policy
Amazon Route 53 record sets
Explanations:
Amazon Elastic Block Store (Amazon EBS) is a storage service used to provide block-level storage for EC2 instances. It does not handle network access restrictions or control traffic.
Network ACLs (Access Control Lists) provide a way to control inbound and outbound traffic at the subnet level. They allow you to specify rules that can permit or deny traffic based on various parameters, such as IP address and port number. This makes them suitable for restricting network access to specific EC2 instances.
Security groups act as virtual firewalls for EC2 instances to control inbound and outbound traffic. They allow you to define rules that specify which ports and protocols can be accessed, thus directly supporting the requirement to restrict network access for specific ports.
An IAM password rotation policy is related to managing user credentials and does not pertain to network access or traffic control for EC2 instances.
Amazon Route 53 is a domain name system (DNS) web service. It is used for domain registration, DNS routing, and health checking but does not provide any functionality for restricting network access to EC2 instances.
As I understand it, the answer is:
Network ACLs