Perhaps your client is in Mixed Control or Client Control mode. Mixed Control means that the firewall rules of SEPM and client will be mixed (rule order depends on the blue line in SEPM firewall policy: rules above the blue line are checked first, then client rules and at last the SEPM rules below the blue line will take effect). In Client Control mode, only the client rules are in effect, the SEPM rules are ignored.
Check here:
Clients > [Group] > Policies > Location-specific settings > Client User Interface Control Settings
If this setting is at Mixed Control or Client Control, the LLMNR rule probably stems from client firewall rule set. That is even more likely because an "Allow Ipv4 LLMNR from private IP addresses" rule is activated as a client firewall rule by default.
You can get rid of these entries if you switch to Server Control or disable corresponding client firewall rule.
All the above may be valid for the ping/pong rule issue as well, but I don't see such a default rule in Mixed/Client control mode at clients.
You can test your environment with different settings: Server Control, Mixed Control and Client Control. If suspicious entries only emerge in Mixed/Client Control, it's a client firewall rule that annoys you.
BTW, did you upgrade your SEPM/clients recently?