which rules will the connection templates be generated in SecureXL?

C is Correct Answer! (Rule 3 in this question is of action “Client Auth”)

If the Rule Base contains a rule regarding one of the following components, the Connection Templates will be disabled for connections matching this rule, and for all of the following rules:

Security Server connections.
Time objects in the rules.
Dynamic Objects and/or Domain Objects.
Services of type “other” with a match expression.
User/Client/Session Authentication actions.
Services of type RPC/DCERPC/DCOM.

When installing a policy containing restricted rules, you will receive console messages indicating that Connection Templates will not be created due to the rules that have been defined. The warnings should be used as a recommendation that will assist you to fine-tune your policy in order to optimize performance.

The image of this question is here:
http://www.aiotestking.com/checkpoint/which-rules-will-the-connection-templates-be-generated-in-securexl/

Correct Answer is “C. Rule 2 only” as CPUG sad. His explanation is correct too.

Rule 1 and 6 are drop rules, so they might create drop templates, but never could they create connection templates, impossible.
Rule 2 can create connection templates, no one doubts.
Rule 3 and following: CPUG gave the right explanation.