As a Developer Associate in charge of managing AWS Kinesis streams for your company, you have been tasked with enhancing the security of these streams. The security team has stipulated that the new security measures must utilize features inherent to the Kinesis Data Streams service and must not necessitate any alterations to your existing code.

Which of the following features would fulfill these security requirements? (Select two)