What two types of traffic should you exclude from a decryption policy? (Choose two.)
What two types of traffic should you exclude from a decryption policy? (Choose two.)
Two types of traffic that should be excluded from a decryption policy are business and regulatory traffic, as well as mutual authentication traffic. Business and regulatory traffic should be excluded to comply with legal and organizational rules. Mutual authentication traffic should be excluded because it involves both parties verifying each other's credentials, which can break if the traffic is decrypted.
https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-admin/decryption/decryption-exclusions
Answer A and C
Traffic that breaks decryption for technical reasons, such as using a pinned certificate, an incomplete certificate chain, unsupported ciphers, or mutual authentication Traffic that you choose not to decrypt because of business, regulatory, personal, or other reasons
AC - from the refferenced link
AB - from the refferenced link
AC are correct
Agree with A,C
Agree with mushi4ka, refer to the link