An engineer is creating a security policy based on Dynamic User Groups (DUG) What benefit does this provide?

An engineer is creating a security policy based on Dynamic User Groups (DUG) What benefit does this provide?
A . Automatically include users as members without having to manually create and commit policy or group changes
B . DUGs are used to only allow administrators access to the management interface on the Palo Alto Networks firewall
C . It enables the functionality to decrypt traffic and scan for malicious behaviour for User-ID based policies
D . Schedule commits at a regular intervals to update the DUG with new users matching the tags specified

View Answer

Answer: A

Explanation:

Dynamic user groups help you to create policy that provides auto-remediation for anomalous user behavior and malicious activity while maintaining user visibility. Previously, quarantining users in response to suspicious activity meant time- and resource-consuming updates for all members of the group or updating the IP address-to-username mapping to a label to enforce policy at the cost of user visibility, as well as having to wait until the firewall checked the traffic. Now, you can configure a dynamic user group to automatically include users as members without having to manually create and commit policy or group changes and still maintain user-to-data correlation at the device level before the firewall even scans the traffic.

https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-new-features/user-id-features/dynamic-user-groups.html