To view how to address the EC2 failed test:
>> click on ‘view activity’
>> then click on ‘History’,
>> then click on ‘View report’
>> then, scroll down to see the ‘test details’.
>> look for the test procedure: the test procedure will tell what was tested and what failed.
For EC2 default setting, the test procedure will say this:
We inspect the EC2 default security groups and determine if they are in use by any EC2 network interface, RDS, EMR, Lambda, ElastiCache, Redshift, EFS or ELBv2 instance. The test passes if no default security groups are in use, and fails otherwise.

Using that guidance, enable the AWS configuration accordingly. AWS has best practice for EC2 (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/default-custom-security-groups.html). SOC 2 does not have any mandatory configuration, as long as your EC2 is set up according to best practice, the test will pass.

OR