A security group is a virtual firewall that controls inbound and outbound traffic for an EC2 instance.
Default behavior
Denies all inbound traffic and allows all outbound traffic.
Default vs Custom Security Groups
By default, denies all inbound traffic and allows all outbound traffic.
Checks incoming packets but does not check outgoing packets
Security Group: Stateful - Remember state
Security groups, as opposed to Network ACL, perform stateful packet filtering, which means that they remember previous decisions made for incoming packets.
