Yes, ideally best practice is where all ports should be blocked by default other than the ones which are required for business needs (however that varies from organisation to organisation).