I was wondering for a while what could be the use case for "Preferred". Generally, we would use either clear or encrypted cookies, so why having a "Preferred" option? Well, that's an excellent choice for a smooth transition from unencrypted to encrypted cookies. With "Cookie Encryption Use Policy" set to "Preferred", the system will generate encrypted cookies while still accepting the unencrypted cookies sent in the requests from previous clients.
This "Preferred" option should be kept for the duration of the cookie previously configured in the Cookie Persistence Profile ("Expiration" field). After that, all previous cookies should have either expired or been replaced by an encrypted one. For a Session Cookie, use your own judgement, I guess.