Understanding AWS Security Groups
A security group acts as a virtual firewall for your EC2 instances to control incoming and outgoing traffic. Unlike network ACLs, security groups are stateful; if you send a request from your instance, the response traffic for that request is allowed to flow in regardless of inbound security group rules.
Inbound Traffic: Filters traffic coming into the instance based on protocol, port range, and source IP/Security Group.
Outbound Traffic: Filters traffic leaving the instance to specific destinations.
Default Deny: By default, all inbound traffic is blocked until you add allow rules.
Stateful Filtering: Automatically allows return traffic for established connections.
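The rules above can be modeled as a small packet evaluator. The Python sketch below is an added example, not AWS code or an AWS API: the Rule and SecurityGroupModel names, the tracked-flow set and all addresses are assumptions made for illustration. It models only the direction described above, an outbound request followed by its inbound response.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Rule:
    protocol: str   # "tcp" or "udp"
    from_port: int
    to_port: int
    cidr: str       # peer range: source for inbound, destination for outbound

    def matches(self, protocol, port, peer_ip):
        return (protocol == self.protocol
                and self.from_port <= port <= self.to_port
                and ipaddress.ip_address(peer_ip) in ipaddress.ip_network(self.cidr))

@dataclass
class SecurityGroupModel:  # hypothetical model, not an AWS API
    inbound: list = field(default_factory=list)
    outbound: list = field(default_factory=list)
    tracked: set = field(default_factory=set)  # flows opened by the instance

    def send(self, protocol, local_port, peer_ip, peer_port):
        """Instance opens a connection; outbound rules decide, then the flow is tracked."""
        if any(r.matches(protocol, peer_port, peer_ip) for r in self.outbound):
            self.tracked.add((protocol, local_port, peer_ip, peer_port))
            return True
        return False

    def receive(self, protocol, local_port, peer_ip, peer_port):
        """Packet arrives from peer_ip:peer_port; no matching allow rule means deny."""
        if (protocol, local_port, peer_ip, peer_port) in self.tracked:
            return True  # stateful: reply to our own request, inbound rules not consulted
        return any(r.matches(protocol, local_port, peer_ip) for r in self.inbound)

def demo():
    # Constructed rules and addresses (RFC 5737 documentation ranges).
    sg = SecurityGroupModel(
        inbound=[Rule("tcp", 443, 443, "203.0.113.0/24")],
        outbound=[Rule("tcp", 443, 443, "0.0.0.0/0")],
    )
    out = {}
    out["unsolicited_ssh"] = sg.receive("tcp", 22, "198.51.100.7", 50000)
    out["allowed_https"] = sg.receive("tcp", 443, "203.0.113.10", 50001)
    out["reply_before_request"] = sg.receive("tcp", 40000, "198.51.100.7", 443)
    out["outbound_request"] = sg.send("tcp", 40000, "198.51.100.7", 443)
    out["reply_after_request"] = sg.receive("tcp", 40000, "198.51.100.7", 443)
    return out
if __name__ == "__main__":
    print(demo())
```

The same packet from 198.51.100.7 is dropped before the instance sends its request and accepted afterwards, although no inbound rule covers that source or port.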