Global rules + incoming connections

According to this
firewall’s global rules are checked first when someone tries to connect to a computer (extract below)

I have my home network zone configured in this way:

and one global rule like this:

Yet I still get prompted about incoming connections from devices connected to home network
(especially system connections - ports used by printer/file sharing, NetBIOS protocol).

Soft: Windows 7 Pro x64 / CIS Premium 5.10.228257.2253

Yes, global rules are like generalized rules.
What passes them ingoing has to pass the barrier of application rules then. Thats why you get a question if a related application rule is missing.
Thats good, because otherwise traffic which passed a “general” rule could allready act “specific” without question.

Especially (unrequested) ingoing traffic should be controlled/avoided if possible.

The alerts you see are likely for applications listening for that traffic. The applications are typically System and svchost.exe.

Thank you all. Previously I thought, when an incoming connection passes Global Rules, the firewall checks application rules no more. Seems like I was wrong.

All traffic, both incoming and outgoing, goes through both Global and Application Rules. The only difference is the order of which set traffic sees first.