During a penetration testing engagement, you uncover evidence that an employee of the client organization is covertly exfiltrating sensitive customer data. Which of the following actions is the BEST course of action in alignment with professional and ethical standards?
Collect more evidence before reporting to make the case stronger.
Report the finding immediately to the appropriate point of contact within the client organization.
Discuss the situation with fellow team members to decide on a proper course of action.
Ignore the finding as it is not within the original scope of the engagement.
Confront the employee directly to deter further data exfiltration.
Wait until the end of the engagement to report the finding in the final report.