A security engineer is tasked with isolating an Amazon EC2 instance during an incident response. The goal is to block all traffic to and from the instance, except for authorized access by the company's forensics team. Each EC2 instance has its own dedicated security group, and instances are deployed within subnets of a VPC. The engineer tests the isolation procedure by initiating an SSH session to the target instance, simulating an attacker's access. After removing existing security group rules and adding new rules to allow the forensics team access via port 22, the SSH session remains active, and pings to the instance's public IP address are blocked. What action should the engineer take to effectively isolate the target instance? | AWS Certified Security - Specialty Quiz