I had tested it by creating a new login and then creating a new user in the database with no permissions (all public permissions except for the ones I'm dealing...

I mean that my finding query still reports that the public role still has SELECT permissions to the objects which were denied/revoked. In effect, the public role does not...

Great ideas but unfortunately they did not resolve my particular issue. After running with your initial advice with no luck I tried extending your DENY commands to sys.[default_constraints], sys.[key_constraints],...