Yes, the permissions were chosen for the individual site, and I use the "Report for User" field to make sure that the account that belongs to the Consultant role has only the "Read" and "Browse Tree" permissions for the Blog document type. However, the user account can still "Create" and "Modify" that document type even though I did not give it the permission to do so. Keep in mind that I also left "Delete" unchecked, and I was not unable to delete the Blog with that role, as expected. As a test, I checked "Delete", and I was able to delete the Blog, as expected. So I can say with some confidence that the "Modify" permission for document-type does not seem to be working.
I forgot to mention that the role must be allowed to modify Blog Posts, which is why I cannot set the page-level permissions to Deny Modify on the Blog -- all Blog Posts under this Blog will inherit Deny Modify. That means I would have to go through every Blog Month/Post and break inheritance. That is why I am trying to get the document type-level permissions to work the way I expected them to, and avoid page-level permissions altogether. I also do not have the luxury of moving Blog Posts to another location in the Tree in order to avoid inheriting from Blog.