How i can stop user from tamper a particular services from services.msc via A&D Policy
That is not possible from Symantec Endpoint Protection to specifically stop a user from tamper a particular services from services.msc via A&D Policy.
However a good idea.
I have created an IDEA for you. https://www-secure.symantec.com/connect/ideas/specifically-stop-user-tamper-particular-services-servicesmsc
Let's Promote the same!!!
However, Incase if you want to protect a file from being Modified, you may apply a Application Control rule for the same.
It is similar to the Application rule for "Block modifications to hosts file [AC6]"
Check these Articles:
How the Application and Device Control Hardening policy works
Hardening Symantec Endpoint Protection (SEP) with an Application and Device Control Policy to increase security
How do I Block hosts file modification using Symantec Endpoint Protection (SEP) Application and Device Control policy?
Hope that helps!!
Associate Security Architect
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3
Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.