@Biswa96
Created April 4, 2018 20:21
Deletes all predefined firewall rules and the Dnscache service, then blocks all inbound and outbound traffic on every profile and allows only the System process to connect outbound.
@echo off
:: Run from an elevated (Administrator) command prompt; every step writes to HKLM.
:: Each step ends with "pause" so the output can be checked before continuing.
::1# Delete the Dnscache (DNS Client) service
:: The sc.exe calls are left commented out; the service's registry key is removed
:: instead, which takes effect at the next reboot.
::sc.exe stop "Dnscache"
::sc.exe delete "Dnscache"
reg.exe delete "HKLM\SYSTEM\CurrentControlSet\Services\Dnscache" /F
pause
::2# Delete every stored firewall rule set (defaults, live rules, interface and
::   service restrictions). RestrictedServices is not writable by Administrators
::   by default, so ownership is taken with SetACL.exe (expected in the same
::   folder as this script) before the delete, not after it.
set KEY="HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices"
"%~dp0SetACL.exe" -on %KEY% -ot reg -rec cont_obj -actn setowner -ownr "n:Everyone"
"%~dp0SetACL.exe" -on %KEY% -ot reg -rec cont_obj -actn ace -ace "n:Everyone;p:full"
for %%X in (
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Defaults\FirewallPolicy\FirewallRules"
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules"
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedInterfaces"
"HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\RestrictedServices" ) do (
reg delete %%X /F
)
pause
::3# Set every profile, in both the Defaults and the live Parameters copy, to
::   block by default. DefaultInboundAction/DefaultOutboundAction: 1 = Block.
::   DisableNotifications=0 keeps the block notifications on;
::   DisableUnicastResponsesToMulticastBroadcast=1 drops unicast replies to
::   multicast/broadcast traffic; the per-profile Logging key is removed.
for %%X in (
Defaults
Parameters ) do (
for %%Y in (
DomainProfile
PublicProfile
StandardProfile ) do (
reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DefaultInboundAction" /T REG_DWORD /D "1" /F
reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DefaultOutboundAction" /T REG_DWORD /D "1" /F
reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DisableNotifications" /T REG_DWORD /D "0" /F
reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "DisableUnicastResponsesToMulticastBroadcast" /T REG_DWORD /D "1" /F
reg add "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y" /V "EnableFirewall" /T REG_DWORD /D "1" /F
reg delete "HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\%%X\FirewallPolicy\%%Y\Logging" /F
)
)
:: Apply the same default-deny policy through the firewall service so it is live immediately.
netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound
pause
::4# Allow the System process outbound; this is the only exception to the block-all policy.
::netsh advfirewall firewall add rule Name=System Program=System Action=allow Dir=Out
powershell.exe -NoProfile -Command "New-NetFirewallRule -DisplayName '~System' -Name 'System' -Direction Outbound -Program System -Action Allow"
::END-44#
@BYTEMEE1 commented Dec 5, 2021

So what would be the syntax for allowing Chrome as an outbound and inbound exception to the block, if we assume the path is C:\Program Files\Chrome\Chrome.exe?

@Biswa96 (Author) commented Dec 5, 2021

The New-NetFirewallRule cmdlet in PowerShell or the netsh advfirewall firewall command can be used for that.
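
The block-all policy from steps 3 and 4 of the script, together with the per-program exception asked about in the comments, as an added example that is not part of the gist or of the author's reply. It uses the NetSecurity cmdlets instead of raw registry edits, so it changes the live policy only and leaves the Defaults keys alone. The Chrome path is the hypothetical one from the question (not where Chrome is actually installed), and the rule names are made up here.

```powershell
#Requires -RunAsAdministrator
# Added example, not the gist's own code. Default-deny on all profiles, keep the
# System process allowed outbound (the gist's rule), then add an inbound and an
# outbound allow rule for one executable and show the result.
param(
    # Hypothetical path taken from the comment thread.
    [string]$ProgramPath = 'C:\Program Files\Chrome\Chrome.exe',
    # Assumed rule name prefix.
    [string]$RuleName    = 'Chrome'
)

$ErrorActionPreference = 'Stop'

# 1. Same effect as "netsh advfirewall set allprofiles firewallpolicy blockinbound,blockoutbound"
#    plus the DisableNotifications=0 / DisableUnicastResponsesToMulticastBroadcast=1 values
#    the batch file writes.
Set-NetFirewallProfile -Profile Domain,Private,Public `
    -Enabled True `
    -DefaultInboundAction Block `
    -DefaultOutboundAction Block `
    -NotifyOnListen True `
    -AllowUnicastResponseToMulticast False

# 2. The gist creates a rule with -Name 'System'; reuse it if it already exists.
if (-not (Get-NetFirewallRule -Name 'System' -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -Name 'System' -DisplayName '~System' `
        -Direction Outbound -Program System -Action Allow | Out-Null
}

# 3. Per-program exception: one rule per direction, keyed on the executable path.
#    Refuse a path that does not exist so a typo does not silently create a dead rule,
#    and remove stale copies first so re-running does not create duplicates.
if (-not (Test-Path -LiteralPath $ProgramPath -PathType Leaf)) {
    throw "Program not found: $ProgramPath"
}
foreach ($dir in 'Inbound', 'Outbound') {
    $name = "$RuleName-$dir"
    Get-NetFirewallRule -Name $name -ErrorAction SilentlyContinue | Remove-NetFirewallRule
    New-NetFirewallRule -Name $name -DisplayName "$RuleName ($dir)" `
        -Direction $dir -Program $ProgramPath -Action Allow -Profile Any | Out-Null
}

# 4. Verify: effective per-profile policy and the three allow rules.
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction |
    Format-Table -AutoSize
Get-NetFirewallRule -Name 'System', "$RuleName-Inbound", "$RuleName-Outbound" |
    Select-Object Name, Direction, Action, Enabled |
    Format-Table -AutoSize
```

Run it from an elevated PowerShell, e.g. `.\allow-program.ps1 -ProgramPath 'C:\Program Files\Google\Chrome\Application\chrome.exe'`. With the profile default set to Block, an allow rule is needed in each direction the program must use; the outbound rule alone is enough for a browser, the inbound one is only needed if the program has to accept connections.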
