Solely to control that nothing extra on the server side will establish outgoing connections, it is reasonable to close all outgoing ports except those allowed. BackConnect is the traditional way to work with a captured machine (the machine itself connects to the one who captured it).
Advantages of such control. If BackConnect occupies an existing port, then some important application will not be able to occupy it, it will fall, it will become clear from the logs that the port is busy.
If BackConnect takes a new port, it will add a new rule, and the new firewall rule will be noticed.
This is theory. Never cared so much about protection. Didn't have time to set up the server.

If speech about a traffic outside - that like is not fraught. But the paranoid inside of you has to assess the risk for himself.

When a connection is established by any application, the system selects any free port. Therefore, "closing" outgoing ports means blocking access to applications anywhere on the Internet. If not a single application on your server (which is unrealistic) needs to go somewhere on the Internet, feel free to close it.