Which of the following is considered to be the most secure default firewall policy, yet usually causes the most work from an administrative perspective?