Draft

windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md

@@ -0,0 +1,39 @@
+
+
+
+
+Prevent security settings changes with Tamper Protection
+ 
+Tamper Protection helps prevent malicious apps from changing important security settings. These settings include:
+ 
+•	Real-time protection
+•	Cloud-delivered protection
+•	IOfficeAntivirus (IOAV)
+•	Behavior monitoring
+•	Scheduled scans
+•	Policy override settings
+ 
+With Tamper Protection set to On, you can still change these settings in the Windows Security app. The following apps and methods can't change these settings:
+ 
+•	Mobile device management (MDM) apps like Intune
+•	Enterprise configuration management apps like System Center Configuration Manager (SCCM)
+•	Command line instruction MpCmdRun.exe -removedefinitions -dynamicsignatures
+•	Windows System Image Manager (Windows SIM) settings DisableAntiSpyware ad DisableAntiMalware (used in Windows unattended setup)
+•	Group Policy
+•	Other Windows Management Instrumentation (WMI) apps
+ 
+The Tamper Protection setting doesn't affect how third party antivirus apps register with the Windows Security app.
+ 
+On computers running Windows 10 Enterprise E5, users can't change the Tamper Protection setting.
+ 
+Tamper Protection is On by default. If you set Tamper Protection to Off, you will see a yellow warning in the Windows Security app under Virus & threat protection.
+ 
+Configure Tamper Protection
+ 
+1.	Open the Windows Security app by clicking the shield icon in the task bar or searching the start menu for Defender.
+2.	Select Virus & threat protection, then select Virus & threat protection settings.
+3.	Set Tamper Protection to On or Off.
+ 
+Note
+If your computer is running Windows 10 Enterprise E5, you can't change the Tamper Protection setting.
+