Which statement best describes a common use of Policy Optimizer?
Which statement best describes a common use of Policy Optimizer?
Policy Optimizer can display which Security policies have not been used in the last 90 days. This is a common use of Policy Optimizer as it helps administrators identify outdated or unnecessary policies, which can improve the firewall's efficiency and security by removing rules that are no longer needed.
Not correct to me. Seems to be B. Documentation says it does not change profiles. https://docs.paloaltonetworks.com/prisma/prisma-access/prisma-access-cloud-managed-admin/create-prisma-access-policy/policy-optimizer
B is correct
for me is A Policy Optimizer identifies port-based rules so you can convert them to application-based allow rules or add applications from a port-based rule to an existing application-based rule without compromising application availability. https://docs.paloaltonetworks.com/pan-os/10-2/pan-os-admin/app-id/security-policy-rule-optimization
The key word for me is « common » both A and B are option for policy optimizer but i’ll go for A as a common use of this solution
I agree with innuendo2's explanation
For me B
Identification of Overly Permissive Rules: The Policy Optimizer categorizes rules as overly permissive if they are allowing any application traffic and are at least 90 days old. This categorization is important because such rules can introduce security gaps by allowing unnecessary traffic
D is correct, though the working in the question is the most common usage of policy optimizer. I guess it depends on that as B may also be the answer.
B and D are correct