You are assessing a contractor’s implementation for CMMC practice MA.L2-3.7.4 – Media Inspection by examining their maintenance records. You realize the maintenance logs identify a repeating problem. A recently installed central server has been experiencing issues affecting the performance of the contractor’s information systems. This is confirmed by your interview with the contractor’s IT team. You requested to investigate the server, and the IT team agreed. On the server, there is a file named conf.zip that gets your attention. You decide to open the file in an isolated computer for further review. To your surprise, the file is a .exe used when testing the server for data exfiltration. How should this incident be handled?
Submit