Following are the PHP handler types that can be used in Plesk.
Apache module - It is the least secure option as all PHP scripts are executed on behalf of the apache user. This means that all files created by PHP scripts of any plan subscriber have the same owner (apache) and the same permission set. Thus, it is possible for a user to affect the files of another user or some important system files.
FastCGI application - The FastCGI handler runs PHP scripts on behalf of a system user associated with a hosting account.
PHP-FPM application - The PHP-FPM is an advanced version of FastCGI which offers significant benefits for highly loaded web applications.