deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-29 05:37:22 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Update prevent-changes-to-security-settings-with-tamper-protection.md

Browse Source
This commit is contained in:
Denise Vangel-MSFT 2020-01-13 15:08:04 -08:00
parent b51b2e7dc1
commit f9f6147b1c
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md
View File

@ -140,11 +140,13 @@ If you are using Windows OS [1709](https://docs.microsoft.com/windows/release-in
## View information about tampering attempts
Tampering attempts typically indicate bigger cyberattacks where bad actors change security settings as a way to persist and stay undetected. If you're part of your organization's security team, you can view information about any attempts to tamper with security settings. When a tampering attempt is detected, an alert is raised in the [Microsoft Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/portal-overview) ([https://securitycenter.windows.com](https://securitycenter.windows.com)).
Tampering attempts typically indicate bigger cyberattacks where bad actors change security settings as a way to persist and stay undetected. If you're part of your organization's security team, you can view information about any attempts to tamper with security settings, and then take appropriate actions to mitigate these threats.
When a tampering attempt is detected, an alert is raised in the [Microsoft Defender Security Center](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/portal-overview) ([https://securitycenter.windows.com](https://securitycenter.windows.com)).
![Microsoft Defender Security Center](images/tamperattemptalert.png)
Using the rich [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) capabilities and [advanced hunting](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview) in Microsoft Defender ATP, your security operations team can investigate and address such attempts.
Using [endpoint detection and response](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-endpoint-detection-response) and [advanced hunting](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview) capabilities in Microsoft Defender ATP, your security operations team can investigate and address such attempts.
## Frequently asked questions