From 2b6c78b87fadb73235bce209282d6d2ea9e7a82e Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Thu, 16 Sep 2021 16:14:07 -0700
Subject: [PATCH 1/9] Update operating-system.md
---
windows/security/operating-system.md | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index 9e7ed088cc..d072a0acb2 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -34,7 +34,7 @@ Windows Security app | The Windows built-in security application found in setitn
| Attack surface reduction rules | Your attack surfaces are the places and ways you are vulnerable to a cyber attack. Attack surface reduction rules are built into Windows and Windows Server. These rules block certain behaviors that are often abused to compromise your device or network. Such behaviors can include launching scripts or executables that attempt to download or run other files, running suspicious scripts, or performing other behaviors that apps don't typically initiate during normal work. You can configure rules to protect against risky behaviors.
Learn more about [Attack surface reduction rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction) |
| Anti-tampering protection | Attacks like ransomware attempt to disable security features, such as anti-virus protection, on targeted devices. Bad actors like to disable security features to get easier access to user’s data, to install malware, or to otherwise exploit user’s data, identity, and devices without fear of being blocked. Tamper protection helps prevent these kinds of activities.
With tamper protection, malware is prevented from taking actions such as:
- Disabling virus and threat protection
- Disabling real-time protection
- Turning off behavior monitoring
- Disabling antivirus (such as IOfficeAntivirus (IOAV))
- Disabling cloud-delivered protection
- Removing security intelligence updates
Learn more about [Tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection). |
| Network protection | Network protection in Windows helps prevent users from accessing dangerous IP addresses and domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection is part of attack surface reduction and helps provide an additional layer of protection for a user.
Using reputation-based services, network protection blocks access to potentially harmful, low-reputation based domains and IP addresses.
In enterprise environments, network protection works best with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/?view=o365-worldwide), which provides detailed reporting into protection events as part of larger investigation scenarios.
Learn more about [Network protection](/microsoft-365/security/defender-endpoint/network-protection). |
-| Controlled folder access | Learn more about [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders). |
-| Exploit protection | Learn more about [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection). |
-| Microsoft Defender for Endpoint | Learn more about [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint). |
+| Controlled folder access | With controlled folder access, you can protect your valuable information in specific folders by managing apps’ access to specific folders. Only trusted apps can access protected folders, which are specified when controlled folder access is configured. Typically, commonly used folders, such as those used for documents, pictures, downloads, are included in the list of controlled folders.
Controlled folder access works with a list of trusted apps. Apps that are included in the list of trusted software work as expected. Apps that are not included in the trusted list are prevented from making any changes to files inside protected folders.
Controlled folder access helps protect valuable data from malicious apps and threats, such as ransomware. Learn more about [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders). |
+| Exploit protection | Exploit protection automatically applies several exploit mitigation techniques to operating system processes and apps. Exploit protection works best with Microsoft Defender for Endpoint, which gives organizations detailed reporting into exploit protection events and blocks as part of typical alert investigation scenarios.
You can enable exploit protection on an individual device, and then use Group Policy to distribute the XML file to multiple devices simultaneously.When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information. You can also enable the rules individually to customize which techniques the feature monitors.
You can use audit mode to evaluate how exploit protection would impact your organization if it were enabled.
In Windows 10, version 1709 and later provides configuration options for Exploit protection. You can prevent users from modifying these specific options with Group Policy.
Learn more about [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection). |
+| Microsoft Defender for Endpoint | Windows E5 customers benefit from [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide), an enterprise endpoint detection and response capability that helps enterprise security teams detect, investigate, and respond to advanced threats. With rich event data and attack insights, Defender for Endpoint enables your security team to investigate incidents and take remediation actions effectively and efficiently.
Defender for Endpoint brings together the following elements to provide a more complete picture of security incidents:
- Endpoint behavioral sensors: Embedded in Windows, these sensors collect and process behavioral signals from the operating system and send this sensor data to your private, isolated, cloud instance of Microsoft Defender for Endpoint.
- Cloud security analytics: Leveraging big-data, device-learning, and unique Microsoft optics across the Windows ecosystem, enterprise cloud products such as Microsoft 365, and online assets, behavioral signals are translated into insights, detections, and recommended responses to advanced threats.
- Threat intelligence: Microsoft’s threat intelligence is informed by trillions of security signals every day. Combined with our global team of security experts, and cutting-edge artificial intelligence and machine learning, we can see threats that others miss. Our threat intelligence helps provide unparalleled protection for our customers.
Defender for Endpoint also is part of [Microsoft 365 Defender](/microsoft-365/security/defender/?view=o365-worldwide), a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
Learn more about [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint). |
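Review bot: The new Exploit protection row says to "use Group Policy to distribute the XML file", but nothing before it introduces an XML file; add a clause saying how the configuration on the individual device becomes that file before it is distributed. In the same row, "simultaneously.When" is missing a space, and "In Windows 10, version 1709 and later provides configuration options" has no subject (suggest "Windows 10, version 1709 and later, provides ..."). In the Cloud security analytics bullet, "device-learning" looks like a replacement slip for "machine learning", the term the Threat intelligence bullet uses right after it.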
From 22533381f80c153986cc4295b2372c4d147a1751 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Thu, 16 Sep 2021 16:15:20 -0700
Subject: [PATCH 2/9] Update operating-system.md
---
windows/security/operating-system.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index d072a0acb2..31fcfaae14 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -36,5 +36,5 @@ Windows Security app | The Windows built-in security application found in setitn
| Network protection | Network protection in Windows helps prevent users from accessing dangerous IP addresses and domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection is part of attack surface reduction and helps provide an additional layer of protection for a user.
Using reputation-based services, network protection blocks access to potentially harmful, low-reputation based domains and IP addresses.
In enterprise environments, network protection works best with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/?view=o365-worldwide), which provides detailed reporting into protection events as part of larger investigation scenarios.
Learn more about [Network protection](/microsoft-365/security/defender-endpoint/network-protection). |
| Controlled folder access | With controlled folder access, you can protect your valuable information in specific folders by managing apps’ access to specific folders. Only trusted apps can access protected folders, which are specified when controlled folder access is configured. Typically, commonly used folders, such as those used for documents, pictures, downloads, are included in the list of controlled folders.
Controlled folder access works with a list of trusted apps. Apps that are included in the list of trusted software work as expected. Apps that are not included in the trusted list are prevented from making any changes to files inside protected folders.
Controlled folder access helps protect valuable data from malicious apps and threats, such as ransomware. Learn more about [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders). |
| Exploit protection | Exploit protection automatically applies several exploit mitigation techniques to operating system processes and apps. Exploit protection works best with Microsoft Defender for Endpoint, which gives organizations detailed reporting into exploit protection events and blocks as part of typical alert investigation scenarios.
You can enable exploit protection on an individual device, and then use Group Policy to distribute the XML file to multiple devices simultaneously.When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information. You can also enable the rules individually to customize which techniques the feature monitors.
You can use audit mode to evaluate how exploit protection would impact your organization if it were enabled.
In Windows 10, version 1709 and later provides configuration options for Exploit protection. You can prevent users from modifying these specific options with Group Policy.
Learn more about [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection). |
-| Microsoft Defender for Endpoint | Windows E5 customers benefit from [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide), an enterprise endpoint detection and response capability that helps enterprise security teams detect, investigate, and respond to advanced threats. With rich event data and attack insights, Defender for Endpoint enables your security team to investigate incidents and take remediation actions effectively and efficiently.
Defender for Endpoint brings together the following elements to provide a more complete picture of security incidents:
- Endpoint behavioral sensors: Embedded in Windows, these sensors collect and process behavioral signals from the operating system and send this sensor data to your private, isolated, cloud instance of Microsoft Defender for Endpoint.
- Cloud security analytics: Leveraging big-data, device-learning, and unique Microsoft optics across the Windows ecosystem, enterprise cloud products such as Microsoft 365, and online assets, behavioral signals are translated into insights, detections, and recommended responses to advanced threats.
- Threat intelligence: Microsoft’s threat intelligence is informed by trillions of security signals every day. Combined with our global team of security experts, and cutting-edge artificial intelligence and machine learning, we can see threats that others miss. Our threat intelligence helps provide unparalleled protection for our customers.
Defender for Endpoint also is part of [Microsoft 365 Defender](/microsoft-365/security/defender/?view=o365-worldwide), a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
Learn more about [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint). |
+| Microsoft Defender for Endpoint | Windows E5 customers benefit from [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide), an enterprise endpoint detection and response capability that helps enterprise security teams detect, investigate, and respond to advanced threats. With rich event data and attack insights, Defender for Endpoint enables your security team to investigate incidents and take remediation actions effectively and efficiently.
Defender for Endpoint also is part of [Microsoft 365 Defender](/microsoft-365/security/defender/?view=o365-worldwide), a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
Learn more about [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint). |
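Review bot: The Microsoft Defender for Endpoint row as rewritten links the product twice with two different targets: `/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide` in the opening sentence and `/microsoft-365/security/defender-endpoint` in the closing "Learn more" line. Use one target for both and drop the `?view=o365-worldwide` query string, which none of the "Learn more" links in this table carry. While the row is being touched, "Defender for Endpoint also is part of" reads better as "is also part of".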
From 11fcd75a488dac5b7abb0821ffc0708261e17c22 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Thu, 16 Sep 2021 16:18:33 -0700
Subject: [PATCH 3/9] Update operating-system.md
---
windows/security/operating-system.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index 31fcfaae14..49c1b14910 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -34,7 +34,7 @@ Windows Security app | The Windows built-in security application found in setitn
| Attack surface reduction rules | Your attack surfaces are the places and ways you are vulnerable to a cyber attack. Attack surface reduction rules are built into Windows and Windows Server. These rules block certain behaviors that are often abused to compromise your device or network. Such behaviors can include launching scripts or executables that attempt to download or run other files, running suspicious scripts, or performing other behaviors that apps don't typically initiate during normal work. You can configure rules to protect against risky behaviors.
Learn more about [Attack surface reduction rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction) |
| Anti-tampering protection | Attacks like ransomware attempt to disable security features, such as anti-virus protection, on targeted devices. Bad actors like to disable security features to get easier access to user’s data, to install malware, or to otherwise exploit user’s data, identity, and devices without fear of being blocked. Tamper protection helps prevent these kinds of activities.
With tamper protection, malware is prevented from taking actions such as:
- Disabling virus and threat protection
- Disabling real-time protection
- Turning off behavior monitoring
- Disabling antivirus (such as IOfficeAntivirus (IOAV))
- Disabling cloud-delivered protection
- Removing security intelligence updates
Learn more about [Tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection). |
| Network protection | Network protection in Windows helps prevent users from accessing dangerous IP addresses and domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection is part of attack surface reduction and helps provide an additional layer of protection for a user.
Using reputation-based services, network protection blocks access to potentially harmful, low-reputation based domains and IP addresses.
In enterprise environments, network protection works best with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/?view=o365-worldwide), which provides detailed reporting into protection events as part of larger investigation scenarios.
Learn more about [Network protection](/microsoft-365/security/defender-endpoint/network-protection). |
-| Controlled folder access | With controlled folder access, you can protect your valuable information in specific folders by managing apps’ access to specific folders. Only trusted apps can access protected folders, which are specified when controlled folder access is configured. Typically, commonly used folders, such as those used for documents, pictures, downloads, are included in the list of controlled folders.
Controlled folder access works with a list of trusted apps. Apps that are included in the list of trusted software work as expected. Apps that are not included in the trusted list are prevented from making any changes to files inside protected folders.
Controlled folder access helps protect valuable data from malicious apps and threats, such as ransomware. Learn more about [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders). |
+| Controlled folder access | With controlled folder access, you can protect your valuable information in specific folders by managing apps’ access to specific folders. Only trusted apps can access protected folders, which are specified when controlled folder access is configured. Typically, commonly used folders, such as those used for documents, pictures, downloads, are included in the list of controlled folders.
Controlled folder access helps protect valuable data from malicious apps and threats, such as ransomware. Learn more about [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders). |
| Exploit protection | Exploit protection automatically applies several exploit mitigation techniques to operating system processes and apps. Exploit protection works best with Microsoft Defender for Endpoint, which gives organizations detailed reporting into exploit protection events and blocks as part of typical alert investigation scenarios.
You can enable exploit protection on an individual device, and then use Group Policy to distribute the XML file to multiple devices simultaneously.When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information. You can also enable the rules individually to customize which techniques the feature monitors.
You can use audit mode to evaluate how exploit protection would impact your organization if it were enabled.
In Windows 10, version 1709 and later provides configuration options for Exploit protection. You can prevent users from modifying these specific options with Group Policy.
Learn more about [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection). |
| Microsoft Defender for Endpoint | Windows E5 customers benefit from [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide), an enterprise endpoint detection and response capability that helps enterprise security teams detect, investigate, and respond to advanced threats. With rich event data and attack insights, Defender for Endpoint enables your security team to investigate incidents and take remediation actions effectively and efficiently.
Defender for Endpoint also is part of [Microsoft 365 Defender](/microsoft-365/security/defender/?view=o365-worldwide), a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
Learn more about [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint). |
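Review bot: Removing the trusted-apps paragraph from the Controlled folder access row leaves it without any statement of what happens to an app that is not trusted; the deleted sentence "Apps that are not included in the trusted list are prevented from making any changes to files inside protected folders" was the only place the blocking behavior was spelled out. Keep that one sentence, or fold it into the first paragraph after "Only trusted apps can access protected folders". In the retained text, "managing apps’ access to specific folders" repeats "specific folders" from earlier in the same sentence, and "documents, pictures, downloads" needs an "and" before the last item.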
From 397251695439ee621e40277c49152c3314c25215 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Thu, 16 Sep 2021 16:19:01 -0700
Subject: [PATCH 4/9] Update operating-system.md
---
windows/security/operating-system.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index 49c1b14910..3889734f8f 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -33,7 +33,7 @@ Windows Security app | The Windows built-in security application found in setitn
| Antivirus & antimalware protection | Microsoft Defender Antivirus is included in all versions of Windows 10, Windows Server 2016 and later, and Windows 11.
From the moment you boot Windows, Microsoft Defender Antivirus continually monitors for malware, viruses, and security threats. Updates are downloaded automatically to help protect your device from threats. Microsoft Defender Antivirus continually scans for malware and threats, and also detects and blocks potentially unwanted applications (applications that can negatively impact your device even though they are not considered malware).
If you have another antivirus app installed and turned on, Microsoft Defender Antivirus will turn off automatically. If you uninstall the other app, Microsoft Defender Antivirus will turn back on.
Microsoft Defender Antivirus integrates with cloud-delivered protection, which helps ensure near-instant detection and blocking of new and emerging threats.
Learn more about [next-generation protection and Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows).|
| Attack surface reduction rules | Your attack surfaces are the places and ways you are vulnerable to a cyber attack. Attack surface reduction rules are built into Windows and Windows Server. These rules block certain behaviors that are often abused to compromise your device or network. Such behaviors can include launching scripts or executables that attempt to download or run other files, running suspicious scripts, or performing other behaviors that apps don't typically initiate during normal work. You can configure rules to protect against risky behaviors.
Learn more about [Attack surface reduction rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction) |
| Anti-tampering protection | Attacks like ransomware attempt to disable security features, such as anti-virus protection, on targeted devices. Bad actors like to disable security features to get easier access to user’s data, to install malware, or to otherwise exploit user’s data, identity, and devices without fear of being blocked. Tamper protection helps prevent these kinds of activities.
With tamper protection, malware is prevented from taking actions such as:
- Disabling virus and threat protection
- Disabling real-time protection
- Turning off behavior monitoring
- Disabling antivirus (such as IOfficeAntivirus (IOAV))
- Disabling cloud-delivered protection
- Removing security intelligence updates
Learn more about [Tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection). |
-| Network protection | Network protection in Windows helps prevent users from accessing dangerous IP addresses and domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection is part of attack surface reduction and helps provide an additional layer of protection for a user.
Using reputation-based services, network protection blocks access to potentially harmful, low-reputation based domains and IP addresses.
In enterprise environments, network protection works best with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/?view=o365-worldwide), which provides detailed reporting into protection events as part of larger investigation scenarios.
Learn more about [Network protection](/microsoft-365/security/defender-endpoint/network-protection). |
+| Network protection | Network protection in Windows helps prevent users from accessing dangerous IP addresses and domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection is part of attack surface reduction and helps provide an additional layer of protection for a user. Using reputation-based services, network protection blocks access to potentially harmful, low-reputation based domains and IP addresses.
In enterprise environments, network protection works best with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/?view=o365-worldwide), which provides detailed reporting into protection events as part of larger investigation scenarios.
Learn more about [Network protection](/microsoft-365/security/defender-endpoint/network-protection). |
| Controlled folder access | With controlled folder access, you can protect your valuable information in specific folders by managing apps’ access to specific folders. Only trusted apps can access protected folders, which are specified when controlled folder access is configured. Typically, commonly used folders, such as those used for documents, pictures, downloads, are included in the list of controlled folders.
Controlled folder access helps protect valuable data from malicious apps and threats, such as ransomware. Learn more about [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders). |
| Exploit protection | Exploit protection automatically applies several exploit mitigation techniques to operating system processes and apps. Exploit protection works best with Microsoft Defender for Endpoint, which gives organizations detailed reporting into exploit protection events and blocks as part of typical alert investigation scenarios.
You can enable exploit protection on an individual device, and then use Group Policy to distribute the XML file to multiple devices simultaneously.When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information. You can also enable the rules individually to customize which techniques the feature monitors.
You can use audit mode to evaluate how exploit protection would impact your organization if it were enabled.
In Windows 10, version 1709 and later provides configuration options for Exploit protection. You can prevent users from modifying these specific options with Group Policy.
Learn more about [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection). |
| Microsoft Defender for Endpoint | Windows E5 customers benefit from [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide), an enterprise endpoint detection and response capability that helps enterprise security teams detect, investigate, and respond to advanced threats. With rich event data and attack insights, Defender for Endpoint enables your security team to investigate incidents and take remediation actions effectively and efficiently.
Defender for Endpoint also is part of [Microsoft 365 Defender](/microsoft-365/security/defender/?view=o365-worldwide), a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
Learn more about [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint). |
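Review bot: The merged Network protection paragraph still carries "low-reputation based domains and IP addresses", which stacks "low-reputation" on top of "reputation-based" from the start of the same sentence; since this line is being rewritten anyway, change it to "low-reputation domains and IP addresses". The Defender for Endpoint link in the following line also still ends in `/?view=o365-worldwide`, unlike the "Learn more" link below it.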
From 5f83cad73f11915d5eeffa17809a51fafc1f1066 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Thu, 16 Sep 2021 16:21:08 -0700
Subject: [PATCH 5/9] Update operating-system.md
---
windows/security/operating-system.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index 3889734f8f..82c9994bc3 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -35,6 +35,6 @@ Windows Security app | The Windows built-in security application found in setitn
| Anti-tampering protection | Attacks like ransomware attempt to disable security features, such as anti-virus protection, on targeted devices. Bad actors like to disable security features to get easier access to user’s data, to install malware, or to otherwise exploit user’s data, identity, and devices without fear of being blocked. Tamper protection helps prevent these kinds of activities.
With tamper protection, malware is prevented from taking actions such as:
- Disabling virus and threat protection
- Disabling real-time protection
- Turning off behavior monitoring
- Disabling antivirus (such as IOfficeAntivirus (IOAV))
- Disabling cloud-delivered protection
- Removing security intelligence updates
Learn more about [Tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection). |
| Network protection | Network protection in Windows helps prevent users from accessing dangerous IP addresses and domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection is part of attack surface reduction and helps provide an additional layer of protection for a user. Using reputation-based services, network protection blocks access to potentially harmful, low-reputation based domains and IP addresses.
In enterprise environments, network protection works best with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/?view=o365-worldwide), which provides detailed reporting into protection events as part of larger investigation scenarios.
Learn more about [Network protection](/microsoft-365/security/defender-endpoint/network-protection). |
| Controlled folder access | With controlled folder access, you can protect your valuable information in specific folders by managing apps’ access to specific folders. Only trusted apps can access protected folders, which are specified when controlled folder access is configured. Typically, commonly used folders, such as those used for documents, pictures, downloads, are included in the list of controlled folders.
Controlled folder access helps protect valuable data from malicious apps and threats, such as ransomware. Learn more about [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders). |
-| Exploit protection | Exploit protection automatically applies several exploit mitigation techniques to operating system processes and apps. Exploit protection works best with Microsoft Defender for Endpoint, which gives organizations detailed reporting into exploit protection events and blocks as part of typical alert investigation scenarios.
You can enable exploit protection on an individual device, and then use Group Policy to distribute the XML file to multiple devices simultaneously.When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information. You can also enable the rules individually to customize which techniques the feature monitors.
You can use audit mode to evaluate how exploit protection would impact your organization if it were enabled.
In Windows 10, version 1709 and later provides configuration options for Exploit protection. You can prevent users from modifying these specific options with Group Policy.
Learn more about [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection). |
+| Exploit protection | Exploit protection automatically applies several exploit mitigation techniques to operating system processes and apps. Exploit protection works best with Microsoft Defender for Endpoint, which gives organizations detailed reporting into exploit protection events and blocks as part of typical alert investigation scenarios.
You can enable exploit protection on an individual device, and then use Group Policy to distribute the XML file to multiple devices simultaneously. When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information. You can also enable the rules individually to customize which techniques the feature monitors.
Exploit protection is available in Windows 10, version 1709 and later.
Learn more about [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection). |
| Microsoft Defender for Endpoint | Windows E5 customers benefit from [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide), an enterprise endpoint detection and response capability that helps enterprise security teams detect, investigate, and respond to advanced threats. With rich event data and attack insights, Defender for Endpoint enables your security team to investigate incidents and take remediation actions effectively and efficiently.
Defender for Endpoint also is part of [Microsoft 365 Defender](/microsoft-365/security/defender/?view=o365-worldwide), a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
Learn more about [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint). |
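Review bot: The replacement Exploit protection row drops two statements that the removed row carried: that audit mode can be used to evaluate the impact of exploit protection before it is enabled, and that Group Policy can prevent users from modifying the configuration options. If the intent was only to fix the "In Windows 10, version 1709 and later provides" grammar and the missing space after "simultaneously.", keep both sentences. If they were removed on purpose, say so in the commit message, because "Update operating-system.md" gives a reader no way to tell.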
From 2cf1f97af68fde3a9b37e04119a0bd1ab949a663 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Thu, 16 Sep 2021 16:30:17 -0700
Subject: [PATCH 6/9] Update operating-system.md
---
windows/security/operating-system.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index 82c9994bc3..c4926b7add 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -35,6 +35,6 @@ Windows Security app | The Windows built-in security application found in setitn
| Anti-tampering protection | Attacks like ransomware attempt to disable security features, such as anti-virus protection, on targeted devices. Bad actors like to disable security features to get easier access to user’s data, to install malware, or to otherwise exploit user’s data, identity, and devices without fear of being blocked. Tamper protection helps prevent these kinds of activities.
With tamper protection, malware is prevented from taking actions such as:
- Disabling virus and threat protection
- Disabling real-time protection
- Turning off behavior monitoring
- Disabling antivirus (such as IOfficeAntivirus (IOAV))
- Disabling cloud-delivered protection
- Removing security intelligence updates
Learn more about [Tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection). |
| Network protection | Network protection in Windows helps prevent users from accessing dangerous IP addresses and domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection is part of attack surface reduction and helps provide an additional layer of protection for a user. Using reputation-based services, network protection blocks access to potentially harmful, low-reputation based domains and IP addresses.
In enterprise environments, network protection works best with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/?view=o365-worldwide), which provides detailed reporting into protection events as part of larger investigation scenarios.
Learn more about [Network protection](/microsoft-365/security/defender-endpoint/network-protection). |
| Controlled folder access | With controlled folder access, you can protect your valuable information in specific folders by managing apps’ access to specific folders. Only trusted apps can access protected folders, which are specified when controlled folder access is configured. Typically, commonly used folders, such as those used for documents, pictures, downloads, are included in the list of controlled folders.
Controlled folder access helps protect valuable data from malicious apps and threats, such as ransomware. Learn more about [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders). |
-| Exploit protection | Exploit protection automatically applies several exploit mitigation techniques to operating system processes and apps. Exploit protection works best with Microsoft Defender for Endpoint, which gives organizations detailed reporting into exploit protection events and blocks as part of typical alert investigation scenarios.
You can enable exploit protection on an individual device, and then use Group Policy to distribute the XML file to multiple devices simultaneously. When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information. You can also enable the rules individually to customize which techniques the feature monitors.
Exploit protection is available in Windows 10, version 1709 and later.
Learn more about [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection). |
+| Exploit protection | Exploit protection, available in Windows 10, version 1709 and later, automatically applies several exploit mitigation techniques to operating system processes and apps. Exploit protection works best with Microsoft Defender for Endpoint, which gives organizations detailed reporting into exploit protection events and blocks as part of typical alert investigation scenarios.
You can enable exploit protection on an individual device, and then use Group Policy to distribute the XML file to multiple devices simultaneously. When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information. You can also enable the rules individually to customize which techniques the feature monitors.
Learn more about [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection). |
| Microsoft Defender for Endpoint | Windows E5 customers benefit from [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide), an enterprise endpoint detection and response capability that helps enterprise security teams detect, investigate, and respond to advanced threats. With rich event data and attack insights, Defender for Endpoint enables your security team to investigate incidents and take remediation actions effectively and efficiently.
Defender for Endpoint also is part of [Microsoft 365 Defender](/microsoft-365/security/defender/?view=o365-worldwide), a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
Learn more about [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint). |
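Review bot: On the added Exploit protection row, the second paragraph still says "enable the rules individually" and "When a mitigation is encountered on the device", while the first sentence calls the same things "exploit mitigation techniques". Since this patch is already rewording the row, use one term throughout, for example "enable mitigations individually" and "When a mitigation is applied on the device".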
From 59f4417c1b72b8dc93083e386d30c02413b85684 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Thu, 16 Sep 2021 16:44:50 -0700
Subject: [PATCH 7/9] Update operating-system.md
---
windows/security/operating-system.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index c4926b7add..9e6018c19d 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -30,7 +30,7 @@ Windows Security app | The Windows built-in security application found in setitn
| Encrypted Hard Drive |
Encrypted Hard Drive uses the rapid encryption that is provided by BitLocker Drive Encryption to enhance data security and management.
By offloading the cryptographic operations to hardware, Encrypted Hard Drives increase BitLocker performance and reduce CPU usage and power consumption. Because Encrypted Hard Drives encrypt data quickly, enterprise devices can expand BitLocker deployment with minimal impact on productivity.
Learn more about [Encrypted Hard Drives](information-protection/encrypted-hard-drive.md).
|
| Virtual Private Network | Virtual private networks (VPNs) are point-to-point connections across a private or public network, such as the Internet. A VPN client uses special TCP/IP or UDP-based protocols, called tunneling protocols, to make a virtual call to a virtual port on a VPN server.
Learn more about [Virtual Private Networks](identity-protection/vpn/vpn-guide.md) (VPNs).
|
| Windows Defender Firewall | Windows Defender Firewall is a stateful host firewall that helps secure the device by allowing you to create rules that determine which network traffic is permitted to enter the device from the network and which network traffic the device is allowed to send to the network. Windows Defender Firewall also supports Internet Protocol security (IPsec), which you can use to require authentication from any device that is attempting to communicate with your device.
Learn more about [Windows Defender Firewall with advanced security](threat-protection/windows-firewall/windows-firewall-with-advanced-security.md).
-| Antivirus & antimalware protection | Microsoft Defender Antivirus is included in all versions of Windows 10, Windows Server 2016 and later, and Windows 11.
From the moment you boot Windows, Microsoft Defender Antivirus continually monitors for malware, viruses, and security threats. Updates are downloaded automatically to help protect your device from threats. Microsoft Defender Antivirus continually scans for malware and threats, and also detects and blocks potentially unwanted applications (applications that can negatively impact your device even though they are not considered malware).
If you have another antivirus app installed and turned on, Microsoft Defender Antivirus will turn off automatically. If you uninstall the other app, Microsoft Defender Antivirus will turn back on.
Microsoft Defender Antivirus integrates with cloud-delivered protection, which helps ensure near-instant detection and blocking of new and emerging threats.
Learn more about [next-generation protection and Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows).|
+| Antivirus & antimalware protection | Microsoft Defender Antivirus is included in all versions of Windows 10, Windows Server 2016 and later, and Windows 11. If you have another antivirus app installed and turned on, Microsoft Defender Antivirus will turn off automatically. If you uninstall the other app, Microsoft Defender Antivirus will turn back on.
From the moment you boot Windows, Microsoft Defender Antivirus continually monitors for malware, viruses, and security threats. Updates are downloaded automatically to help protect your device from threats. Microsoft Defender Antivirus continually scans for malware and threats, and also detects and blocks potentially unwanted applications (applications that can negatively impact your device even though they are not considered malware).
Microsoft Defender Antivirus integrates with cloud-delivered protection, which helps ensure near-instant detection and blocking of new and emerging threats.
Learn more about [next-generation protection and Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows).|
| Attack surface reduction rules | Your attack surfaces are the places and ways you are vulnerable to a cyber attack. Attack surface reduction rules are built into Windows and Windows Server. These rules block certain behaviors that are often abused to compromise your device or network. Such behaviors can include launching scripts or executables that attempt to download or run other files, running suspicious scripts, or performing other behaviors that apps don't typically initiate during normal work. You can configure rules to protect against risky behaviors.
Learn more about [Attack surface reduction rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction) |
| Anti-tampering protection | Attacks like ransomware attempt to disable security features, such as anti-virus protection, on targeted devices. Bad actors like to disable security features to get easier access to user’s data, to install malware, or to otherwise exploit user’s data, identity, and devices without fear of being blocked. Tamper protection helps prevent these kinds of activities.
With tamper protection, malware is prevented from taking actions such as:
- Disabling virus and threat protection
- Disabling real-time protection
- Turning off behavior monitoring
- Disabling antivirus (such as IOfficeAntivirus (IOAV))
- Disabling cloud-delivered protection
- Removing security intelligence updates
Learn more about [Tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection). |
| Network protection | Network protection in Windows helps prevent users from accessing dangerous IP addresses and domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection is part of attack surface reduction and helps provide an additional layer of protection for a user. Using reputation-based services, network protection blocks access to potentially harmful, low-reputation based domains and IP addresses.
In enterprise environments, network protection works best with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/?view=o365-worldwide), which provides detailed reporting into protection events as part of larger investigation scenarios.
Learn more about [Network protection](/microsoft-365/security/defender-endpoint/network-protection). |
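Review bot: With the third-party antivirus sentences moved up, the second paragraph of the added Antivirus row now says nearly the same thing twice: "continually monitors for malware, viruses, and security threats" and, two sentences later, "continually scans for malware and threats". Fold these into one sentence and keep the clause about potentially unwanted applications. The row also closes with ").|" where the other rows in this hunk use ". |", and the Windows Defender Firewall row just above it has no closing pipe at all.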
From c6a3ad498cd9d6b15025034d5498a5a4218e5eb8 Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Thu, 16 Sep 2021 16:45:55 -0700
Subject: [PATCH 8/9] Update operating-system.md
---
windows/security/operating-system.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index 9e6018c19d..a16171bae0 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -34,7 +34,7 @@ Windows Security app | The Windows built-in security application found in setitn
| Attack surface reduction rules | Your attack surfaces are the places and ways you are vulnerable to a cyber attack. Attack surface reduction rules are built into Windows and Windows Server. These rules block certain behaviors that are often abused to compromise your device or network. Such behaviors can include launching scripts or executables that attempt to download or run other files, running suspicious scripts, or performing other behaviors that apps don't typically initiate during normal work. You can configure rules to protect against risky behaviors.
Learn more about [Attack surface reduction rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction) |
| Anti-tampering protection | Attacks like ransomware attempt to disable security features, such as anti-virus protection, on targeted devices. Bad actors like to disable security features to get easier access to user’s data, to install malware, or to otherwise exploit user’s data, identity, and devices without fear of being blocked. Tamper protection helps prevent these kinds of activities.
With tamper protection, malware is prevented from taking actions such as:
- Disabling virus and threat protection
- Disabling real-time protection
- Turning off behavior monitoring
- Disabling antivirus (such as IOfficeAntivirus (IOAV))
- Disabling cloud-delivered protection
- Removing security intelligence updates
Learn more about [Tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection). |
| Network protection | Network protection in Windows helps prevent users from accessing dangerous IP addresses and domains that may host phishing scams, exploits, and other malicious content on the Internet. Network protection is part of attack surface reduction and helps provide an additional layer of protection for a user. Using reputation-based services, network protection blocks access to potentially harmful, low-reputation based domains and IP addresses.
In enterprise environments, network protection works best with [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/?view=o365-worldwide), which provides detailed reporting into protection events as part of larger investigation scenarios.
Learn more about [Network protection](/microsoft-365/security/defender-endpoint/network-protection). |
-| Controlled folder access | With controlled folder access, you can protect your valuable information in specific folders by managing apps’ access to specific folders. Only trusted apps can access protected folders, which are specified when controlled folder access is configured. Typically, commonly used folders, such as those used for documents, pictures, downloads, are included in the list of controlled folders.
Controlled folder access helps protect valuable data from malicious apps and threats, such as ransomware. Learn more about [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders). |
+| Controlled folder access | With controlled folder access, you can protect your valuable information in specific folders by managing apps’ access to specific folders. Only trusted apps can access protected folders, which are specified when controlled folder access is configured. Typically, commonly used folders, such as those used for documents, pictures, downloads, are included in the list of controlled folders. Controlled folder access helps protect valuable data from malicious apps and threats, such as ransomware.
Learn more about [Controlled folder access](/microsoft-365/security/defender-endpoint/controlled-folders). |
| Exploit protection | Exploit protection, available in Windows 10, version 1709 and later, automatically applies several exploit mitigation techniques to operating system processes and apps. Exploit protection works best with Microsoft Defender for Endpoint, which gives organizations detailed reporting into exploit protection events and blocks as part of typical alert investigation scenarios.
You can enable exploit protection on an individual device, and then use Group Policy to distribute the XML file to multiple devices simultaneously. When a mitigation is encountered on the device, a notification will be displayed from the Action Center. You can customize the notification with your company details and contact information. You can also enable the rules individually to customize which techniques the feature monitors.
Learn more about [Exploit protection](/microsoft-365/security/defender-endpoint/exploit-protection). |
| Microsoft Defender for Endpoint | Windows E5 customers benefit from [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint?view=o365-worldwide), an enterprise endpoint detection and response capability that helps enterprise security teams detect, investigate, and respond to advanced threats. With rich event data and attack insights, Defender for Endpoint enables your security team to investigate incidents and take remediation actions effectively and efficiently.
Defender for Endpoint also is part of [Microsoft 365 Defender](/microsoft-365/security/defender/?view=o365-worldwide), a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications to provide integrated protection against sophisticated attacks.
Learn more about [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint). |
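Review bot: The added Controlled folder access row repeats "specific folders" within its first sentence ("protect your valuable information in specific folders by managing apps’ access to specific folders"), and the list "documents, pictures, downloads" is missing its "and". As the row is being reflowed anyway, tighten it, for example "protect valuable information by managing which apps can access specific folders" and "documents, pictures, and downloads".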
From 5e418b87cbbed64ea18a99fcefaba8ea2fe489cb Mon Sep 17 00:00:00 2001
From: denisebmsft <18405051+denisebmsft@users.noreply.github.comgit>
Date: Thu, 16 Sep 2021 16:46:35 -0700
Subject: [PATCH 9/9] Update operating-system.md
---
windows/security/operating-system.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/operating-system.md b/windows/security/operating-system.md
index a16171bae0..0541c53a89 100644
--- a/windows/security/operating-system.md
+++ b/windows/security/operating-system.md
@@ -28,7 +28,7 @@ Windows Security app | The Windows built-in security application found in setitn
| Encryption and data protection | Wherever confidential data is stored, it must be protected against unauthorized access, whether through physical device theft or from malicious applications. Windows provides strong at-rest data-protection solutions that guard against nefarious attackers.
Learn more about [Encryption](encryption-data-protection.md).
| BitLocker | BitLocker Drive Encryption is a data protection feature that integrates with the operating system and addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers. BitLocker provides the most protection when used with a Trusted Platform Module (TPM) version 1.2 or later.
Learn more about [BitLocker](information-protection/bitlocker/bitlocker-overview.md). |
| Encrypted Hard Drive |
Encrypted Hard Drive uses the rapid encryption that is provided by BitLocker Drive Encryption to enhance data security and management.
By offloading the cryptographic operations to hardware, Encrypted Hard Drives increase BitLocker performance and reduce CPU usage and power consumption. Because Encrypted Hard Drives encrypt data quickly, enterprise devices can expand BitLocker deployment with minimal impact on productivity.
Learn more about [Encrypted Hard Drives](information-protection/encrypted-hard-drive.md).
|
-| Virtual Private Network | Virtual private networks (VPNs) are point-to-point connections across a private or public network, such as the Internet. A VPN client uses special TCP/IP or UDP-based protocols, called tunneling protocols, to make a virtual call to a virtual port on a VPN server.
Learn more about [Virtual Private Networks](identity-protection/vpn/vpn-guide.md) (VPNs).
|
+| Virtual Private Network | Virtual private networks (VPNs) are point-to-point connections across a private or public network, such as the Internet. A VPN client uses special TCP/IP or UDP-based protocols, called tunneling protocols, to make a virtual call to a virtual port on a VPN server.
Learn more about [Virtual Private Networks](identity-protection/vpn/vpn-guide.md).
|
| Windows Defender Firewall | Windows Defender Firewall is a stateful host firewall that helps secure the device by allowing you to create rules that determine which network traffic is permitted to enter the device from the network and which network traffic the device is allowed to send to the network. Windows Defender Firewall also supports Internet Protocol security (IPsec), which you can use to require authentication from any device that is attempting to communicate with your device.
Learn more about [Windows Defender Firewall with advanced security](threat-protection/windows-firewall/windows-firewall-with-advanced-security.md).
| Antivirus & antimalware protection | Microsoft Defender Antivirus is included in all versions of Windows 10, Windows Server 2016 and later, and Windows 11. If you have another antivirus app installed and turned on, Microsoft Defender Antivirus will turn off automatically. If you uninstall the other app, Microsoft Defender Antivirus will turn back on.
From the moment you boot Windows, Microsoft Defender Antivirus continually monitors for malware, viruses, and security threats. Updates are downloaded automatically to help protect your device from threats. Microsoft Defender Antivirus continually scans for malware and threats, and also detects and blocks potentially unwanted applications (applications that can negatively impact your device even though they are not considered malware).
Microsoft Defender Antivirus integrates with cloud-delivered protection, which helps ensure near-instant detection and blocking of new and emerging threats.
Learn more about [next-generation protection and Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows).|
| Attack surface reduction rules | Your attack surfaces are the places and ways you are vulnerable to a cyber attack. Attack surface reduction rules are built into Windows and Windows Server. These rules block certain behaviors that are often abused to compromise your device or network. Such behaviors can include launching scripts or executables that attempt to download or run other files, running suspicious scripts, or performing other behaviors that apps don't typically initiate during normal work. You can configure rules to protect against risky behaviors.
Learn more about [Attack surface reduction rules](/microsoft-365/security/defender-endpoint/attack-surface-reduction) |
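Review bot: The added Virtual Private Network row keeps "special TCP/IP or UDP-based protocols", which reads as if UDP were an alternative to TCP/IP rather than part of it. While the trailing "(VPNs)" is being removed, consider "TCP- or UDP-based tunneling protocols". The row also still closes with a pipe on its own line, unlike the BitLocker row above it, and the @@ context line shows "found in setitn" in the Windows Security app row, a typo that no hunk shown here fixes.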