Hit Count is a feature to track the number of connections that each rule matches, which one is not a benefit of Hit Count.
Hit Count is a feature to track the number of connections that each rule matches, which one is not a benefit of Hit Count.
Hit Count is used to track the number of connections that each rule matches. It helps to understand the behavior of the Access Control Policy, improve firewall performance by allowing rules with high hit counts to be moved higher in the rule base, and analyze the rule base by identifying and deleting rules with no matching connections. However, it does not automatically rearrange the Access Control Policy based on Hit Count analysis; such rearrangement would be a manual process.
C is correct
You can use the Hit Count data to: Analyze a Rule Base - You can delete rules that have no matching connections i don't think is authomatic
https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_SecurityManagement_AdminGuide/Topics-SECMG/Analyzing-the-Rule-Base-Hit-Count.htm Confirmed is D
I think it's C, the question is about "not benefit of Hit Count", analyze the Rule Base to delete rules that don't have matches is a benefit, same as answer B.
also "Automatically" is the key word, there is no automatic rearrange