Does the "Take action if OS is compromised" policy only work if knox manage client is installed?

I was reading on the Knox platform enterprise documentation online and I came across a policy that takes an action upon OS tamper detection. Also on another site (Knox manage 24.09 release notes ) it just says that this option is recently introduced with the 24.09 update to the Knox manage client. So my question here is, Does this policy **only apply** or **take effect** if Knox manage client is installed?, assuming someone managed somehow to tamper with the OS and bypass the factory reset protection, and managed to flash a custom firmware or something else, will the device get locked down without Knox manage client installed?