AWS Certified Advanced Networking - Specialty (#10)

You ping an Amazon Elastic Compute Cloud (EC2) instance from an on-premises server. VPC Flow Logs record the following:

2 123456789010 eni-1235b8ca 10.123.234.78 172.11.22.33 0 0 1 8 672 1432917027 1432917142 ACCEPT OK 2 123456789010 eni-1235b8ca 172.11.22.33 10.123.234.78 0 0 1 4 336 1432917027 1432917082 ACCEPT OK 2 123456789010 eni-1235b8ca 172.11.22.33 10.123.234.78 0 0 1 4 336 1432917094 1432917142 REJECT OK

Why are ICMP responses not received by the on-premises system?

The inbound network access control list is blocking the traffic
The outbound network access control list is blocking the traffic
The inbound security group is blocking the traffic.
The outbound security group is blocking the traffic.