A lot of questions. It seems like you are on the right track to securing your system. It all comes down to this,you can take all the steps possible to prevent your system form being hacked, and still get hacked. Firewalls, antivirus are good front line defenses. Then there is the issue of opening infected emails, click bait links on shady websites, posting personal info on social media that may be used to hack your passwords and even key loggers. If a hacker wants into your system, given enough time, he will find a way in if his skills are good enough. The only way to be almost 100% hack proof is never connect to the internet or another network. Doing that means no updates to software and eliminates a lot of apps and programs that require account setups, Today’s hackers are getting in using exploits in the OS itself as well as things like commonly used plugins like Flash and other. They find a flaw and use that as the base for their hack. A lot of the hacks today can be prevented with a little more education and awareness of the risks. So many sites as well as other things can be spoofed, tricking users and opening themselves to a hack.