Enable tamper protection feature flag by default for Agent 8.11.0 #3478

Merged

aleksmaus
Member

What does this PR do?

Enables tamper protection feature flag by default for Agent 8.11.0.
In 8.10.0 the tamper protection feature flag was disabled by default.

ATTN!!!: It is important to use the Agent with corresponding Endpoint build for 8.11.0 that has the feature flags default set to the same value for the feature to work correctly.
(omitting the link to Endpoint PR here since the Endpoint repository is private)

The combination of agent feature flag value in the policy

"agent": {
    "features": {
        "tamper_protection": {
            "enabled": false
        }
    }
},

and the agent protection flag

agent:
  ....
  protection:
    enabled: true

define if the tamper protection is enabled or not.

Here are the tables that help to understand how this change of the tamper protection feature flag value affects 8.11 settings.
The difference is in bold

8.10.x

| agent feature flag | agent protection flag | tamper protection enabled |
|---|---|---|
| missing | false | false |
| missing | true | false |
| false | false | false |
| false | true | false |
| true | false | false |
| true | true | true |

8.11.x

| agent feature flag | agent protection flag | tamper protection enabled |
|---|---|---|
| missing | false | false |
| missing | true | **true** |
| false | false | false |
| false | true | false |
| true | false | false |
| true | true | true |

This shows that it's important to use the corresponding builds of Agent and Endpoint with the same defaults.
This was discussed and agreed upon when the feature flag was initially introduced in 8.10.

For example if the builds are mismatched:

  1. If we run the older build of Agent (before this change) with the newer build of Endpoint (with this change), the older build of Agent would assume that tamper protection is disabled when the feature flag is missing and the agent protection flag is set to true, while the newer version of Endpoint would assume that the feature is enabled and would enable tamper protection.
  2. If we run the newer build of Agent (after this change) with the older build of Endpoint (without this change), the newer build of Agent would assume that tamper protection is enabled when the feature flag is missing and the agent protection flag is set to true, while the older version of Endpoint would assume that the feature is disabled.

Why is it important?

This is part of the planned tamper protection feature rollout step for the 8.11.0 release.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation
  • I have made corresponding changes to the default configuration files
  • I have added tests that prove my fix is effective or that my feature works
  • I have added an entry in ./changelog/fragments using the changelog tool
  • I have added an integration test or an E2E test
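
The resolution rule from the tables in the description above, as an added example that is not part of this PR or the Agent code base. It assumes both settings arrive in one JSON policy document, and the names `policy`, `effective` and `mismatch` are hypothetical. The feature flag is decoded as `*bool` because a plain `bool` would collapse "missing" into `false` and hide the 8.10.x/8.11.x difference.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// policy mirrors only the two settings quoted in the description (assumed
// layout). The feature flag is *bool so a missing flag (nil) differs from false.
type policy struct {
	Agent struct {
		Features struct {
			TamperProtection struct {
				Enabled *bool `json:"enabled"`
			} `json:"tamper_protection"`
		} `json:"features"`
		Protection struct {
			Enabled bool `json:"enabled"`
		} `json:"protection"`
	} `json:"agent"`
}

// effective resolves tamper protection for a build whose feature-flag
// default is flagDefault (false for 8.10.x, true for 8.11.x per the tables).
func effective(raw string, flagDefault bool) (bool, error) {
	var p policy
	if err := json.Unmarshal([]byte(raw), &p); err != nil {
		return false, err
	}
	flag := flagDefault
	if v := p.Agent.Features.TamperProtection.Enabled; v != nil {
		flag = *v // an explicit value always overrides the build default
	}
	return flag && p.Agent.Protection.Enabled, nil
}

// mismatch reports whether an Agent build and an Endpoint build with
// different defaults would disagree about the same policy.
func mismatch(raw string, agentDefault, endpointDefault bool) (bool, error) {
	a, err := effective(raw, agentDefault)
	e, _ := effective(raw, endpointDefault) // same input, same parse result
	return a != e, err
}

func main() {
	// Constructed policy: feature flag missing, protection flag true.
	m, err := mismatch(`{"agent":{"protection":{"enabled":true}}}`, false, true)
	fmt.Println(m, err) // 8.10.x Agent default vs 8.11.x Endpoint default
}
```

Setting the feature flag explicitly in the policy removes the dependence on build defaults, since every row with an explicit value is identical in both tables.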

@mergify
Contributor

mergify bot commented Sep 27, 2023

This pull request does not have a backport label. Could you fix it @aleksmaus? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-v./d./d./d is the label to automatically backport to the 8./d branch. /d is the digit

NOTE: backport-skip has been added to this pull request.

@elasticmachine
Collaborator

elasticmachine commented Sep 27, 2023

💚 Build Succeeded

Build stats

  • Start Time: 2023-09-27T02:15:48.774+0000

  • Duration: 27 min 11 sec

Test stats 🧪

Test Results
Failed 0
Passed 6313
Skipped 59
Total 6372

💚 Flaky test report

Tests succeeded.

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

  • /package : Generate the packages.

  • run integration tests : Run the Elastic Agent Integration tests.

  • run end-to-end tests : Generate the packages and run the E2E Tests.

  • run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

@elasticmachine
Collaborator

🌐 Coverage report

| Name | Metrics % (covered/total) | Diff |
|---|---|---|
| Packages | 98.78% (81/82) | 👍 |
| Files | 66.102% (195/295) | 👍 |
| Classes | 65.693% (360/548) | 👍 |
| Methods | 52.744% (1134/2150) | 👍 |
| Lines | 38.153% (12862/33712) | 👎 -0.017 |
| Conditionals | 100.0% (0/0) | 💚 |

@aleksmaus aleksmaus merged commit 7c9f508 into elastic:main Sep 28, 2023
24 checks passed