Which three of these options are some of the best practices when you implement an effective firewall security policy?