How do I know if IPS is enable on SEPM im a bit confused.
When I pull a cumputer status logs, NTP is shown as Enabled, but when I go to policies as shown below that's what I see. I can pull the Sources of attacks report though. Am I confusing things here, my understanding is NTP uses IPS signatures so if the IPS policy is not assigned to any group how come I can pull the sources of attacks reports and how come NTP is enabled??? confused.