Explanation
An application filter is an object that dynamically groups applications based on application attributes that you define, including category, subcategory, technology, risk factor, and characteristic. This is useful when you want to safely enable access to applications that you do not explicitly sanction, but that you want users to be able to access. For example, you may want to enable employees to choose their own office programs (such as Evernote, Google Docs, or Microsoft Office 365) for business use. To safely enable these types of applications, you could create an application filter that matches on the Category business-systems and the Subcategory office-programs. As new applications office programs emerge and new App-IDs get created, these new applications will automatically match the filter you defined; you will not have to make any additional changes to your policy rulebase to safely enable any application that matches the attributes you defined for the filter.
https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-admin/app-id/use-application-objects-in
-policy/create-an-application-filter.html

Reference: https://docs.paloaltonetworks.com/pan-os/9-0/pan-os-new-features/app-id-features/policy- optimizer.html

When grouping rules by group tags, the action that can be performed is to tag selected rule(s). This action allows you to assign one or more tags to the selected rules, which will group them together and display them under the corresponding tag group. You can use tags to organize and visually distinguish your rules based on different criteria, such as function, location, or priority1. Reference: View Rules by Tag Group, Use Tags to Group and Visually Distinguish Objects, Certifications - Palo Alto Networks, Palo Alto Networks Certified Network Security Administrator (PAN-OS 10.0) or [Palo Alto Networks Certified Network Security Administrator (PAN-OS 10.0)].