I think you are correct:
Manage tamper protection for your organization using the Microsoft Defender Security Center
Currently in preview, tamper protection can be turned on or off in the Microsoft Defender Security Center (
https://securitycenter.windows.com). Here are a few points to keep in mind:
When you use the Microsoft Defender Security Center to manage tamper protection, you do not have to use Intune or the tenant attach method.
When you manage tamper protection in the Microsoft Defender Security Center, the setting is applied tenant wide, affecting all of your devices that are running Windows 10, Windows Server 2016, or Windows Server 2019. To fine-tune tamper protection (such as having tamper protection on for some devices but off for others), use either Intune or Configuration Manager with tenant attach.
If you have a hybrid environment, tamper protection settings configured in Intune take precedence over settings configured in the Microsoft Defender Security Center.
Tamper protection is generally available; however, the ability to manage tamper protection in the Microsoft Defender Security Center is currently in preview.
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/pre...