Windows 10 On Screen Keyboard, hard to close

The on screen keyboard can just as easily be intercepted by a keylogger as a physical keyboard. So there is no security benefit to using OSK.

As a "Geek in training", I've been doing a little research. From what I've read, a firewall's ability to block outbound connections should provide sufficient protection against keylogging, since a 3rd party can't easily read the keystrokes. Sounds pretty simplistic, but makes sense to me. Thoughts?

Well for starters, most people do not block output traffic and even if you did you'd still need to allow ports such as 80 and 443 to view web sites. Lots of malware, key loggers included can and do use these common ports. Well now lets say you use the Windows firewall and only allow certain applications out but the key logger is installed and probably running with elevated privileges. No problem the firewall is easily detectable and the key logger can just as easily poke a hole in the firewall and allow traffic out. Lets say you use a 3rd party firewall. Well still easy to get that data out. The key logger author can do some other nasty tricks to get that data out.

A couple of examples that I'd written (I know these already exist)
I can send a malformed DNS request (these are sure to make it out, or if you only allow DNS to your DNS server aka your router it's still no problem) in the DNS request I simply send chunks of the key logger data file in the requests. My server on the outside gets those chunks and reassembles them.

Same thing with ping or any other protocol that can slip past your firewall.

Some Examples

DNS Data Exflitration
DNS Data Exfiltration - How it works - Infoblox Experts Community

Thanks, Neemo. As always, you've explained everything quite well.