diff --git a/windows/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md b/windows/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
index 83a7dd2944..2c61ab81ad 100644
--- a/windows/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
+++ b/windows/threat-protection/windows-defender-antivirus/configure-block-at-first-sight-windows-defender-antivirus.md
@@ -45,7 +45,7 @@ You can also [specify how long the file should be prevented from running](config
 
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the features are working and see how Cloud-delivered protection and the Block at first sight features work.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how they work.
 
 
 ## How it works
diff --git a/windows/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md b/windows/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md
index c7095877db..cfcb0f8782 100644
--- a/windows/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md
+++ b/windows/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md
@@ -33,7 +33,7 @@ This topic lists the connections that must be allowed, such as by using firewall
 See the Enterprise Mobility and Security blog post [Important changes to Microsoft Active Protection Services endpoint](https://blogs.technet.microsoft.com/enterprisemobility/2016/05/31/important-changes-to-microsoft-active-protection-service-maps-endpoint/) for some details about network connectivity.
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the following features are working:
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working:
 >- Cloud-delivered protection
 >- Fast learning (including Black at first sight)
 >- Potentially unwanted application blocking
diff --git a/windows/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md b/windows/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
index 377624d681..baaa8a9d3c 100644
--- a/windows/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
+++ b/windows/threat-protection/windows-defender-antivirus/detect-block-potentially-unwanted-apps-windows-defender-antivirus.md
@@ -42,7 +42,7 @@ Typical PUA behavior includes:
 These applications can increase the risk of your network being infected with malware, cause malware infections to be harder to identify, and can waste IT resources in cleaning up the applications.
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the feature is working and see how it works.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 ## How it works
 
diff --git a/windows/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md b/windows/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md
index d4e1e10f16..2ba340b214 100644
--- a/windows/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md
+++ b/windows/threat-protection/windows-defender-antivirus/evaluate-windows-defender-antivirus.md
@@ -29,7 +29,7 @@ ms.date: 08/25/2017
 If you're an enterprise security administrator, and you want to determine how well Windows Defender Antivirus protects you from viruses, malware, and potentially unwanted applications, then you can use this guide to help you evaluate Microsoft protection.
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the following features are working and see how they work:
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working and see how they work:
 >- Cloud-delivered protection
 >- Fast learning (including Black at first sight)
 >- Potentially unwanted application blocking
diff --git a/windows/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md b/windows/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md
index 275c71c55c..74189f1f15 100644
--- a/windows/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md
+++ b/windows/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus.md
@@ -35,7 +35,7 @@ The tables list:
 - [Internal Windows Defender AV client error codes (used by Microsoft during development and testing)](#internal-error-codes)
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the features are working, including:
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working:
 >- Cloud-delivered protection
 >- Fast learning (including Black at first sight)
 >- Potentially unwanted application blocking
diff --git a/windows/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md b/windows/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
index aaa79a6993..6eb293cfaa 100644
--- a/windows/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
+++ b/windows/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md
@@ -41,7 +41,7 @@ src="https://videoplayercdn.osi.office.net/embed/c2f20f59-ca56-4a7b-ba23-44c60bc
 Cloud-delivered protection is enabled by default, however you may need to re-enable it if it has been disabled as part of previous organizational policies.
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the features are working and see how Cloud-delivered protection and the Block at first sight feature works.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 
 The following table describes the differences in cloud-delivered protection between recent versions of Windows and System Center Configuration Manager.
diff --git a/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md b/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
index d73222f730..989d6a0711 100644
--- a/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
+++ b/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md
@@ -44,7 +44,7 @@ Some of the highlights of Windows Defender AV include:
 
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the features are working and see how they work, including:
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the following features are working and see how they work:
 >- Cloud-delivered protection
 >- Fast learning (including Black at first sight)
 >- Potentially unwanted application blocking
diff --git a/windows/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
index a7e8994c9f..e746c60006 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/attack-surface-reduction-exploit-guard.md
@@ -47,7 +47,7 @@ Attack surface reduction helps prevent actions and apps that are typically used
 It is part of [Windows Defender Exploit Guard](windows-defender-exploit-guard.md).
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the feature is working and see how it works.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 Attack surface reduction works best with [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md) - which gives you detailed reporting into Windows Defender EG events and blocks as part of the usual [alert investigation scenarios](../windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md).
 
diff --git a/windows/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md
index dfbac86d2d..1f91198bed 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/audit-windows-defender-exploit-guard.md
@@ -40,6 +40,9 @@ This topic provides links that describe how to enable the audit functionality fo
 
 You can use Group Policy, PowerShell, and configuration servicer providers (CSPs) to enable audit mode.
 
+>[!TIP]
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how they work.
+
 
 
 Audit options | How to enable audit mode | How to view events
diff --git a/windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md
index abb9b0fa21..a2095a35f1 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard.md
@@ -43,7 +43,7 @@ Controlled folder access helps you protect valuable data from malicious apps and
 It is part of [Windows Defender Exploit Guard](windows-defender-exploit-guard.md).
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the feature is working and see how it works.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 Controlled folder access works best with [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md) - which gives you detailed reporting into Windows Defender EG events and blocks as part of the usual [alert investigation scenarios](../windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md).
 
diff --git a/windows/threat-protection/windows-defender-exploit-guard/evaluate-attack-surface-reduction.md b/windows/threat-protection/windows-defender-exploit-guard/evaluate-attack-surface-reduction.md
index 762bcd9499..93cf4d2df8 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/evaluate-attack-surface-reduction.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/evaluate-attack-surface-reduction.md
@@ -46,7 +46,7 @@ This topic helps you evaluate Attack surface reduction. It explains how to demo
 >For instructions on how to use Group Policy, Mobile Device Management (MDM), and System Center Configuration Manager to deploy these settings across your network, see the main [Attack surface reduction topic](attack-surface-reduction-exploit-guard.md).
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the feature is working and see how it works.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 
 ## Use the demo tool to see how Attack surface reduction works
diff --git a/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md b/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md
index 06b89f9b2d..a31b2ff2e6 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/evaluate-controlled-folder-access.md
@@ -45,7 +45,7 @@ This topic helps you evaluate Controlled folder access. It explains how to demo
 >For instructions on how to use Group Policy, Mobile Device Management (MDM), and System Center Configuration Manager to deploy these settings across your network, see the main [Controlled folder access topic](controlled-folders-exploit-guard.md).
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the feature is working and see how it works.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 ## Use the demo tool to see how Controlled folder access works
 
diff --git a/windows/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md b/windows/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md
index 8ea10f41e5..660b96a36a 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/evaluate-exploit-protection.md
@@ -47,7 +47,7 @@ This topcs helps you evaluate Exploit protection. See the [Exploit protection to
 >For instructions on how to use Group Policy and Mobile Device Management (MDM to deploy these settings across your network, see the main [Exploit protection topic](exploit-protection-exploit-guard.md) .
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the feature is working and see how it works.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 ## Enable and validate an Exploit protection mitigation
 
diff --git a/windows/threat-protection/windows-defender-exploit-guard/evaluate-network-protection.md b/windows/threat-protection/windows-defender-exploit-guard/evaluate-network-protection.md
index 3f6a717317..f3d44b112d 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/evaluate-network-protection.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/evaluate-network-protection.md
@@ -46,7 +46,7 @@ This topic helps you evaluate Network protection by enabling the feature and gui
 >The site will replicate the behavior that would happen if a user visted a malicious site or domain. The sites in this evaluation topic are not malicious, they are specially created websites that pretend to be malicious.
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the feature is working and see how it works.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 ## Enable Network protection
 
diff --git a/windows/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md
index 700ab63dda..2b0ebfe200 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/evaluate-windows-defender-exploit-guard.md
@@ -34,7 +34,7 @@ Windows Defender Exploit Guard is a new collection of tools and features that he
 Windows Defender Exploit Guard is comprised of four features. We've developed evaluation guides for each of the features so you can easily and quickly see how they work and determine if they are suitable for your organization.
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the features are working and see how they work.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how they work.
 
 
 Before you begin, you should read the main [Windows Defender Exploit Guard](windows-defender-exploit-guard.md) topic to get an understanding of each of the features and what their prerequisites are.
diff --git a/windows/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md
index b404a5f989..447c78fb6f 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/exploit-protection-exploit-guard.md
@@ -43,7 +43,7 @@ Exploit protection automatically applies a number of exploit mitigation techniqu
 It is part of [Windows Defender Exploit Guard](windows-defender-exploit-guard.md).
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the feature is working and see how it works.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
 
 Exploit protection works best with [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md) - which gives you detailed reporting into Windows Defender EG events and blocks as part of the usual [alert investigation scenarios](../windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md).
 
diff --git a/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md
index 17051d443a..a81cd5aa90 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/network-protection-exploit-guard.md
@@ -43,7 +43,8 @@ It expands the scope of [Windows Defender SmartScreen](../windows-defender-smart
 It is part of [Windows Defender Exploit Guard](windows-defender-exploit-guard.md).
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the feature is working and see how it works.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
+
 
 Network protection works best with [Windows Defender Advanced Threat Protection](../windows-defender-atp/windows-defender-advanced-threat-protection.md) - which gives you detailed reporting into Windows Defender EG events and blocks as part of the usual [alert investigation scenarios](../windows-defender-atp/investigate-alerts-windows-defender-advanced-threat-protection.md).
 
diff --git a/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md b/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
index 8940b615bf..22db1ea61d 100644
--- a/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
+++ b/windows/threat-protection/windows-defender-exploit-guard/windows-defender-exploit-guard.md
@@ -46,7 +46,7 @@ You can evaluate each feature of Windows Defender EG with the guides at the foll
 You can also [enable audit mode](audit-windows-defender-exploit-guard.md) for the features, which provides you with basic event logs that indicate how the feature would have responded if it had been fully enabled. This can be useful when evaluating the impact of Windows Defender EG and to help determine the impact of the features on your network's security.
 
 >[!TIP]
->You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com) to confirm the feature is working and see how each of the features work.
+>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the features are working and see how each of them work.
 
 Windows Defender EG can be managed and reported on in the Windows Defender Security Center as part of the Windows Defender Advanced Threat Protection suite of threat mitigation, preventing, protection, and analysis technologies, which also includes:
 - [The Windows Defender ATP console](../windows-defender-atp/windows-defender-advanced-threat-protection.md)