clarification of 'deny-all' vs '8080' in example

Maybe it will useful to enhance the section _05.Governance-Risk-Compliance to include an explanation (or an illustration), outlininig the difference on how Policy #1 and Policy #2 affect the network traffic from the ingress to the application.