An IT company has recently migrated to AWS and the data engineering team is configuring security groups for the two-tier application with public web servers and private database servers. The team wants to understand the allowed configuration options for an inbound rule for a security group. Which of the following would you identify as an INVALID option for setting up such a configuration?