To me, there are plenty of different ways to restrict/filter your internet connection.
Some will want it easy, some other will want it advanced.
And there already, there will be lots of debates on what is easy or not : perspective...
Also, when it comes to firewall, the default behavior is usually to trust outbound access (you trust what is inside) and restrict inbound access (evil is out there).
In our particular case (windows 10 & untrusted software), the evil is inside : rather than containing the evil, best would actually be to get rid of it, but this is another, probably passionate, discussion
My saying here is that, apart from monitoring in real time what goes out and adapt your firewall every now and then, trying to block outbound access on a windows platform is quite some effort, if not mission impossible.
Last, we may want to look at how profesionals secure their network.
My humble experience showed me that usually there is no direct internet connection.
The internet is usually proxified : only http/https is allowed.
This is very restrictive and users tend to moan about it but if it works for major companies out there, why not follow the same line at the individual level?
My guess is that individuals actually dont want to put up with restrictions.
My 2 cents...