Update kubernetes-workload-protections.md

-------
cc: @bmansheim

Author: mayaherskovic

articles/defender-for-cloud/kubernetes-workload-protections.md

@@ -26,9 +26,9 @@ Microsoft Defender for Cloud includes a bundle of recommendations that are avail
 
 ## Enable Kubernetes data plane hardening
 
-When you enable Microsoft Defender for Containers, Azure Kubernetes Service clusters, and Azure Arc enabled Kubernetes clusters (Preview) protection are both enabled by default. You can configure your Kubernetes data plane hardening, when you enable Microsoft Defender for Containers.
+When you enable Microsoft Defender for Containers, "Azure Policy for Kubernetes" setting is enabled by default for Azure Kubernetes Service and Azure Arc enabled Kubernetes clusters in the relevant subscription. You can configure your that setting, when you enable Microsoft Defender for Containers or later through the Containers plan settings page or with Azure Policy.
 
-When you enable data plane hardening, the containers agent installed on each resource allocates a small amount of the AKS cluster CPU and memory for the agent to use. That allocation usually runs at maximum capacity, but does not affect the rest of the CPU and memory on the resource.
+When you enable this setting, the Azure Policy for Kubernetes pods are installed the cluster, which allocate a small amount of CPU and memory for the pods to use. That allocation may run up to maximum capacity, but does not affect the rest of the CPU and memory on the resource.
 
 To enable Azure Kubernetes Service clusters and Azure Arc enabled Kubernetes clusters (Preview):