SubhMSFT
diff --git a/‎exchange/exchange-ps/exchange/Disable-ATPProtectionPolicyRule.md
Lines changed: 3 additions & 13 deletions b/‎exchange/exchange-ps/exchange/Disable-ATPProtectionPolicyRule.md
Lines changed: 3 additions & 13 deletions
diff --git a/‎exchange/exchange-ps/exchange/Disable-EOPProtectionPolicyRule.md
Lines changed: 4 additions & 13 deletions b/‎exchange/exchange-ps/exchange/Disable-EOPProtectionPolicyRule.md
Lines changed: 4 additions & 13 deletions
diff --git a/‎exchange/exchange-ps/exchange/Enable-ATPProtectionPolicyRule.md
Lines changed: 3 additions & 13 deletions b/‎exchange/exchange-ps/exchange/Enable-ATPProtectionPolicyRule.md
Lines changed: 3 additions & 13 deletions
diff --git a/‎exchange/exchange-ps/exchange/Enable-EOPProtectionPolicyRule.md
Lines changed: 21 additions & 4 deletions b/‎exchange/exchange-ps/exchange/Enable-EOPProtectionPolicyRule.md
Lines changed: 21 additions & 4 deletions
diff --git a/‎exchange/exchange-ps/exchange/Get-ATPBuiltInProtectionRule.md
Lines changed: 100 additions & 0 deletions b/‎exchange/exchange-ps/exchange/Get-ATPBuiltInProtectionRule.md
Lines changed: 100 additions & 0 deletions
@@ -28,19 +28,9 @@ Disable-ATPProtectionPolicyRule [-Identity] <RuleIdParameter>
 ```
 
 ## DESCRIPTION
-Organizations with Defender for Office 365 have up to four rules that are associated with the Standard preset security policy and the Strict preset security policy:
+The State property in rules that are associated with preset security policies indicates whether the rule is Enabled or Disabled.
 
-- Two rules for Exchange Online Protection (EOP) protections: The rule for the Standard Preset security policy and the rule for the Strict preset security policy control who the EOP protections in the policy (anti-malware, anti-spam, and anti-phishing) apply to (the recipient conditions and exceptions for EOP protections).
-- Two rules for Defender for Office 365 protections: The rule for the Standard Preset security policy and the rule for the Strict preset security policy control who the Defender for Office 365 protections in the policy (Safe Links and Safe Attachments) apply to (the recipient conditions and exceptions for Defender for Office 365 protections).
-
-If the command `Get-ATPProtectionPolicyRule | Format-Table Name,State` returns a rule where the State property value is Enabled, you can use this cmdlet to disable the rule. However, the corresponding preset security policy isn't turned off until you also use the Disable-EOPProtectionPolicyRule cmdlet to disable the corresponding rule for EOP protections.
-
-A rule that's associated with Defender for Office 365 protections in the Standard preset security policy or the Strict preset security policy already exists if either of the following statements are true:
-
-- You previously turned on the Standard preset security policy or the Strict preset security policy in the Microsoft 365 Defender portal. Whether it's currently turned on after you initially turned it on doesn't matter (turning off the policy doesn't delete the rule).
-- You previously removed the rule using the Remove-ATPProtectionPolicyRule cmdlet, and then you recreated the rule using the New-ATPProtectionPolicyRule cmdlet.
-
-For more information about preset security policies, see [Preset security policies in EOP and Microsoft Defender for Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies).
+For more information about preset security policies in PowerShell, see [Preset security policies in Exchange Online PowerShell](https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies#preset-security-policies-in-exchange-online-powershell).
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 
@@ -51,7 +41,7 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 Disable-ATPProtectionPolicyRule -Identity "Standard Preset Security Policy"; Disable-EOPProtectionPolicyRule -Identity "Standard Preset Security Policy"
 ```
 
-This example turns off the Standard preset security policy. The State value of both rules is now Disabled.
+In organizations with Defender for Office 365, this example turns off the Standard preset security policy. The State property value of both rules is now Disabled.
 
 ## PARAMETERS
 
 
@@ -28,18 +28,9 @@ Disable-EOPProtectionPolicyRule [-Identity] <RuleIdParameter>
 ```
 
 ## DESCRIPTION
-All Microsoft 365 organizations can have up to two rules that are associated with Exchange Online Protection (EOP) protections in preset security policies. The rule for the Standard Preset security policy and the rule for the Strict preset security policy controls who the EOP protections in the policy (anti-malware, anti-spam, and anti-phishing) apply to (the recipient conditions and exceptions for EOP protections).
+The State property in rules that are associated with preset security policies indicates whether the rule is Enabled or Disabled.
 
-In organizations that don't have Defender for Office 365, if the command `Get-EOPProtectionPolicyRule | Format-Table Name,State` returns a rule where the State property value is Enabled, you can use this cmdlet to disable the rule. This action also turns off the corresponding preset security policy.
-
-But, if your organization has Defender for Office 365, there are two more rules that are associated with Defender for Office 365 protections in preset security policies. The rule for the Standard Preset security policy and the rule for the Strict preset security policy control who the Defender for Office 365 protections in the policy (Safe Links and Safe Attachments) apply to (the recipient conditions and exceptions for Defender for Office 365 protections). The corresponding preset security policy isn't turned off until you also use the Disable-AtPProtectionPolicyRule cmdlet to disable the corresponding rule for Defender for Office 365 protections.
-
-A rule that's associated with EOP protections in the Standard preset security policy or the Strict preset security policy already exists if either of the following statements are true:
-
-- You previously turned on the Standard preset security policy or the Strict preset security policy in the Microsoft 365 Defender portal. Whether it's currently turned on after you initially turned it on doesn't matter (turning off the policy doesn't delete the).
-- You previously removed the rule using the Remove-EOPProtectionPolicyRule cmdlet, and then you recreated the rule using the New-EOPProtectionPolicyRule cmdlet.
-
-For more information about preset security policies, see [Preset security policies in EOP and Microsoft Defender for Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies).
+For more information about preset security policies in PowerShell, see [Preset security policies in Exchange Online PowerShell](https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies#preset-security-policies-in-exchange-online-powershell).
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 
@@ -50,14 +41,14 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 Disable-EOPProtectionPolicyRule -Identity "Standard Preset Security Policy"
 ```
 
-In organizations without Defender for Office 365, this example turns off the Standard preset security policy. The State value of the rule is now Disabled.
+In organizations without Defender for Office 365, this example turns off the Standard preset security policy. The State property value of the rule is now Disabled.
 
 ### Example 2
 ```powershell
 Disable-EOPProtectionPolicyRule -Identity "Standard Preset Security Policy"; Disable-ATPProtectionPolicyRule -Identity "Standard Preset Security Policy"
 ```
 
-In organizations with Defender for Office 365, this example turns off the Standard preset security policy. The State value of both rules is now Disabled.
+In organizations with Defender for Office 365, this example turns off the Standard preset security policy. The State property value of both rules is now Disabled.
 
 ## PARAMETERS
 
 
@@ -28,19 +28,9 @@ Enable-ATPProtectionPolicyRule [-Identity] <RuleIdParameter>
 ```
 
 ## DESCRIPTION
-Organizations with Defender for Office 365 have up to four rules that are associated with the Standard preset security policy and the Strict preset security policy:
+The State property in rules that are associated with preset security policies indicates whether the rule is Enabled or Disabled.
 
-- Two rules for Exchange Online Protection (EOP) protections: The rule for the Standard Preset security policy and the rule for the Strict preset security policy control who the EOP protections in the policy (anti-malware, anti-spam, and anti-phishing) apply to (the recipient conditions and exceptions for EOP protections).
-- Two rules for Defender for Office 365 protections: The rule for the Standard Preset security policy and the rule for the Strict preset security policy control who the Defender for Office 365 protections in the policy (Safe Links and Safe Attachments) apply to (the recipient conditions and exceptions for Defender for Office 365 protections).
-
-If the command `Get-ATPProtectionPolicyRule | Format-Table Name,State` returns a rule where the State value is Disabled, you can use this cmdlet to enable the rule. However, the corresponding preset security policy isn't turned on until you also use the Enable-EOPProtectionPolicyRule cmdlet to enable the corresponding rule.
-
-A rule that's associated with the Defender for Office 365 protections in the Standard preset security policy or the Strict preset security policy exists in organizations with Defender for Office 365 if either of the following statements are true:
-
-- You previously turned on the Standard preset security policy or the Strict preset security policy in the Microsoft 365 Defender portal. Whether it's currently turned on after you initially turned it on doesn't matter.
-- You previously removed the rule using the Remove-ATPProtectionPolicyRule cmdlet, and then you recreated the rule using the New-ATPProtectionPolicyRule cmdlet.
-
-For more information about preset security policies, see [Preset security policies in EOP and Microsoft Defender for Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies).
+For more information about preset security policies in PowerShell, see [Preset security policies in Exchange Online PowerShell](https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies#preset-security-policies-in-exchange-online-powershell).
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 
@@ -51,7 +41,7 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 Enable-ATPProtectionPolicyRule -Identity "Standard Preset Security Policy"; Enable-EOPProtectionPolicyRule -Identity "Standard Preset Security Policy"
 ```
 
-This example turns on the Standard preset security policy in the Microsoft 365 Defender portal. The State value of both rules is now Enabled.
+In organizations with Defender for Office 365, this example turns on the Standard preset security policy. The State value of both rules is now Enabled.
 
 ## PARAMETERS
 
 
@@ -14,7 +14,7 @@ ms.reviewer:
 ## SYNOPSIS
 This cmdlet is available only in the cloud-based service.
 
-Use the Enable-EOPProtectionPolicyRule cmdlet to
+Use the Enable-EOPProtectionPolicyRule cmdlet to turn on the Standard preset security policy or the Strict preset security policy. If your organization has Defender for Office 365, you also need to use the Enable-ATPProtectionPolicyRule cmdlet to turn on the policy.
 
 For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://docs.microsoft.com/powershell/exchange/exchange-cmdlet-syntax).
 
@@ -28,21 +28,38 @@ Enable-EOPProtectionPolicyRule [-Identity] <RuleIdParameter>
 ```
 
 ## DESCRIPTION
+The State property in rules that are associated with preset security policies indicates whether the rule is Enabled or Disabled.
+
+For more information about preset security policies in PowerShell, see [Preset security policies in Exchange Online PowerShell](https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies#preset-security-policies-in-exchange-online-powershell).
+
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 
 ## EXAMPLES
 
 ### Example 1
 ```powershell
-{{ Add example code here }}
+Enable-EOPProtectionPolicyRule -Identity "Standard Preset Security Policy"
+```
+
+In organizations without Defender for Office 365, this example turns off the Standard preset security policy. The State property value of the rule is now Enabled.
+
+### Example 2
+```powershell
+Enable-EOPProtectionPolicyRule -Identity "Standard Preset Security Policy"; Enable-ATPProtectionPolicyRule -Identity "Standard Preset Security Policy"
 ```
 
-{{ Add example description here }}
+In organizations with Defender for Office 365, this example turns off the Standard preset security policy. The State property value of both rules is now Enabled.
 
 ## PARAMETERS
 
 ### -Identity
-{{ Fill Identity Description }}
+The Identity parameter specifies the rule that you want to enable. You can use any value that uniquely identifies the rule. For example:
+
+- Name
+- Distinguished name (DN)
+- GUID
+
+By default, the available rules (if they exist) are named Standard Preset Security Policy and Strict Preset Security Policy.
 
 ```yaml
 Type: RuleIdParameter
 
@@ -0,0 +1,100 @@
+---
+external help file: Microsoft.Exchange.TransportMailflow-Help.xml
+online version: https://docs.microsoft.com/powershell/module/exchange/get-atpbuiltinprotectionrule
+applicable: Exchange Online, Exchange Online Protection
+title: Get-ATPBuiltInProtectionRule
+schema: 2.0.0
+author: chrisda
+ms.author: chrisda
+ms.reviewer:
+---
+
+# Get-ATPBuiltInProtectionRule
+
+## SYNOPSIS
+This cmdlet is available only in the cloud-based service.
+
+Use the Get-ATPBuiltInProtectionRule cmdlet to view the rule for the Built-in protection preset security policy that effectively provides default policies for Safe Links and Safe Attachments in Microsoft Defender for Office 365. The rule specifies exceptions to the policy.
+
+For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://docs.microsoft.com/powershell/exchange/exchange-cmdlet-syntax).
+
+## SYNTAX
+
+```
+Get-ATPBuiltInProtectionRule [[-Identity] <DehydrateableRuleIdParameter>] [-State <RuleState>] [<CommonParameters>]
+```
+
+## DESCRIPTION
+For more information about preset security policies, see [Preset security policies in EOP and Microsoft Defender for Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies).
+
+You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://docs.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
+
+## EXAMPLES
+
+### Example 1
+```powershell
+Get-ATPBuiltInProtectionRule
+```
+
+This example shows the rule for the Built-in protection preset security policy.
+
+## PARAMETERS
+
+### -Identity
+The Identity parameter specifies the rule that you want to view. You can use any value that uniquely identifies the rule. For example:
+
+- Name
+- Distinguished name (DN)
+- GUID
+
+The name of the only rule is ATP Built-In Protection Rule.
+
+```yaml
+Type: DehydrateableRuleIdParameter
+Parameter Sets: (All)
+Aliases:
+Applicable: Exchange Online, Exchange Online Protection
+
+Required: False
+Position: 0
+Default value: None
+Accept pipeline input: True (ByPropertyName, ByValue)
+Accept wildcard characters: False
+```
+
+### -State
+The State parameter filters the results by the state of the rule. Valid values are:
+
+- Disabled
+- Enabled
+
+The only rule is always enabled.
+
+```yaml
+Type: RuleState
+Parameter Sets: (All)
+Aliases:
+Accepted values: Enabled, Disabled
+Applicable: Exchange Online, Exchange Online Protection
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### CommonParameters
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216).
+
+## INPUTS
+
+###  
+
+## OUTPUTS
+
+###  
+
+## NOTES
+
+## RELATED LINKS