The default protocol for agent communication is TLS. You should never see any traffic going to/from the agent in clear text.
In regards to agent logs, they are not encrypted. Turning on IS_SECURE_AGENT_LOGS only means that they are digitally signed. Some customers have asked to have encrypted agent logs, but I'm not sure if or when that will happen.
Keystroke logs however are encrypted and signed, as they capture all keystrokes and could potentially have password or other secure information within them.