Merge pull request #4218 from MicrosoftDocs/deniseb-acrolinx

DeniseB acrolinx fixes to antivirus content

windows/security/threat-protection/microsoft-defender-antivirus/microsoft-defender-antivirus-in-windows-10.md

@@ -1,6 +1,6 @@
 ---
 title: Next-generation protection in Windows 10, Windows Server 2016, and Windows Server 2019
-description: Learn how to manage, configure, and use Microsoft Defender AV, the built-in antimalware and antivirus product available in Windows 10 and Windows Server 2016
+description: Learn how to manage, configure, and use Microsoft Defender Antivirus, built-in antimalware and antivirus protection.
 keywords: Microsoft Defender Antivirus, windows defender, antimalware, scep, system center endpoint protection, system center configuration manager, virus, malware, threat, detection, protection, security
 search.product: eADQiWindows 10XVcnh
 ms.prod: w10
@@ -10,29 +10,30 @@ ms.pagetype: security
 ms.localizationpriority: medium
 author: denisebmsft
 ms.author: deniseb
-ms.date: 02/25/2020
+ms.date: 11/12/2020
 ms.reviewer: 
 manager: dansimp
 ms.custom: nextgen
 ---
 
-# Next-generation protection in Windows 10, Windows Server 2016, and Windows Server 2019
+# Next-generation protection in Windows
 
 [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
 
 
 **Applies to:**
 
-- [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- Windows 10
-
+- Windows Server 2016
+- Windows Server 2019
 
 ## Microsoft Defender Antivirus: Your next-generation protection
 
-Microsoft Defender Antivirus is the next-generation protection component of Microsoft Defender for Endpoint. Next-generation protection brings together machine learning, big-data analysis, in-depth threat resistance research, and the Microsoft cloud infrastructure to protect devices in your enterprise organization. Next-generation protection services include the following:
+Microsoft Defender Antivirus is the next-generation protection component of Microsoft Defender for Endpoint. This protection brings together machine learning, big-data analysis, in-depth threat resistance research, and the Microsoft cloud infrastructure to protect devices in your enterprise organization. Your next-generation protection services include the following capabilities:
 
-- [Behavior-based, heuristic, and real-time antivirus protection](configure-protection-features-microsoft-defender-antivirus.md). This includes always-on scanning using file and process behavior monitoring and other heuristics (also known as "real-time protection"). It also includes detecting and blocking apps that are deemed unsafe, but may not be detected as malware.
+- [Behavior-based, heuristic, and real-time antivirus protection](configure-protection-features-microsoft-defender-antivirus.md), which includes always-on scanning using file and process behavior monitoring and other heuristics (also known as *real-time protection*). It also includes detecting and blocking apps that are deemed unsafe, but might not be detected as malware.
-- [Cloud-delivered protection](utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md). This includes near-instant detection and blocking of new and emerging threats.
+- [Cloud-delivered protection](utilize-microsoft-cloud-protection-microsoft-defender-antivirus.md), which includes near-instant detection and blocking of new and emerging threats.
-- [Dedicated protection and product updates](manage-updates-baselines-microsoft-defender-antivirus.md). This includes updates related to keeping Microsoft Defender Antivirus up to date.
+- [Dedicated protection and product updates](manage-updates-baselines-microsoft-defender-antivirus.md), which includes updates related to keeping Microsoft Defender Antivirus up to date.
 
 ## Try a demo!
 
@@ -43,7 +44,7 @@ Visit the [Microsoft Defender for Endpoint demo website](https://demo.wd.microso
 
 ## Minimum system requirements
 
-Microsoft Defender Antivirus has the same hardware requirements as of Windows 10. For more information, see:
+Microsoft Defender Antivirus has the same hardware requirements as of Windows 10. For more information, see the following resources:
 
 - [Minimum hardware requirements](https://docs.microsoft.com/windows-hardware/design/minimum/minimum-hardware-requirements-overview)
 - [Hardware component guidelines](https://docs.microsoft.com/windows-hardware/design/component-guidelines/components)

windows/security/threat-protection/microsoft-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md

@@ -14,7 +14,7 @@ audience: ITPro
 author: denisebmsft
 ms.author: deniseb
 ms.custom: nextgen
-ms.date: 10/14/2020
+ms.date: 11/12/2020
 ---
 
 # Protect security settings with tamper protection
@@ -29,7 +29,7 @@ ms.date: 10/14/2020
 
 ## Overview
 
-During some kinds of cyber attacks, bad actors try to disable security features, such as anti-virus protection, on your machines. They do this to get easier access to your data, to install malware, or to otherwise exploit your data, identity, and devices. Tamper protection helps prevent this from occurring.
+During some kinds of cyber attacks, bad actors try to disable security features, such as anti-virus protection, on your machines. Bad actors like to disable your security features to get easier access to your data, to install malware, or to otherwise exploit your data, identity, and devices. Tamper protection helps prevent these kinds of things from occurring.
 
 With tamper protection, malicious apps are prevented from taking actions such as:
 
@@ -92,7 +92,7 @@ You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-
 
 1. Make sure your organization meets all of the following requirements to manage tamper protection using Intune:
 
-    - Your organization uses [Intune to manage devices](https://docs.microsoft.com/intune/fundamentals/what-is-device-management). ([Intune licenses](https://docs.microsoft.com/intune/fundamentals/licenses) are required; this is included in Microsoft 365 E5.)
+    - Your organization uses [Intune to manage devices](https://docs.microsoft.com/intune/fundamentals/what-is-device-management). ([Intune licenses](https://docs.microsoft.com/intune/fundamentals/licenses) are required; Intune is included in Microsoft 365 E5.)
     - Your Windows machines must be running Windows 10 OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019) or later. (See [Windows 10 release information](https://docs.microsoft.com/windows/release-information/) for more details about releases.)
     - You must be using Windows security with [security intelligence](https://www.microsoft.com/wdsi/definitions) updated to version 1.287.60.0 (or above).
     - Your machines must be using anti-malware platform version 4.18.1906.3 (or above) and anti-malware engine version 1.1.15500.X (or above). ([Manage Microsoft Defender Antivirus updates and apply baselines](manage-updates-baselines-microsoft-defender-antivirus.md).)
@@ -132,7 +132,7 @@ If you are using Windows 10 OS [1709](https://docs.microsoft.com/windows/release
 > [!IMPORTANT]
 > The procedure can be used to extend tamper protection to devices running Windows 10 and Windows Server 2019. Make sure to review the prerequisites and other information in the resources mentioned in this procedure.
 
-If you're using [version 2006 of Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/plan-design/changes/whats-new-in-version-2006), you can manage tamper protection settings on Windows 10 and Windows Server 2019 using tenant attach. Tenant attach enables you to sync your on-premises-only Configuration Manager devices into the Microsoft Endpoint Manager admin center, and then deliver your endpoint security configuration policies to your on-premises collections & devices.
+If you're using [version 2006 of Configuration Manager](https://docs.microsoft.com/mem/configmgr/core/plan-design/changes/whats-new-in-version-2006), you can manage tamper protection settings on Windows 10 and Windows Server 2019 by using tenant attach. Tenant attach enables you to sync your on-premises-only Configuration Manager devices into the Microsoft Endpoint Manager admin center, and then deliver your endpoint security configuration policies to your on-premises collections & devices.
 
 1. Set up tenant attach. See [Microsoft Endpoint Manager tenant attach: Device sync and device actions](https://docs.microsoft.com/mem/configmgr/tenant-attach/device-sync-actions).
 
@@ -183,9 +183,9 @@ To learn more about Threat & Vulnerability Management, see [Threat & Vulnerabili
 
 Windows 10 OS [1709](https://docs.microsoft.com/windows/release-information/status-windows-10-1709), [1803](https://docs.microsoft.com/windows/release-information/status-windows-10-1803), [1809](https://docs.microsoft.com/windows/release-information/status-windows-10-1809-and-windows-server-2019), or later together with [Microsoft Defender for Endpoint](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp).
 
-If you are using Configuration Manager, version 2006 with tenant attach, tamper protection can be extended to Windows Server 2019. See [Tenant attach: Create and deploy endpoint security Antivirus policy from the admin center (preview)](https://docs.microsoft.com/mem/configmgr/tenant-attach/deploy-antivirus-policy).
+If you are using Configuration Manager, version 2006, with tenant attach, tamper protection can be extended to Windows Server 2019. See [Tenant attach: Create and deploy endpoint security Antivirus policy from the admin center (preview)](https://docs.microsoft.com/mem/configmgr/tenant-attach/deploy-antivirus-policy).
 
-### Will tamper protection have any impact on third party antivirus registration?
+### Will tamper protection have any impact on third-party antivirus registration?
 
 No. Third-party antivirus offerings will continue to register with the Windows Security application.
 
@@ -210,7 +210,7 @@ Your regular group policy doesn’t apply to tamper protection, and changes to M
 > [!NOTE]
 > A small delay in Group Policy (GPO) processing may occur if Group Policy settings include values that control Microsoft Defender Antivirus features protected by tamper protection.
 
-To avoid any potential delays, we recommend that you remove settings that control Microsoft Defender Antivirus related behavior from GPO and simply allow tamper protection to protect Microsoft Defender Antivirus settings.
+To avoid any potential delays, we recommend that you remove settings that control Microsoft Defender Antivirus related behavior using GPO and allow tamper protection to protect your Microsoft Defender Antivirus settings.
 
 Some sample Microsoft Defender Antivirus settings:
 
@@ -246,7 +246,7 @@ If a device is off-boarded from Microsoft Defender for Endpoint, tamper protecti
 
 Yes. The alert is shown in [https://securitycenter.microsoft.com](https://securitycenter.microsoft.com) under **Alerts**.
 
-In addition, your security operations team can use hunting queries, such as the following:
+In addition, your security operations team can use hunting queries, such as the following example:
 
 `DeviceAlertEvents | where Title == "Tamper Protection bypass"`