Threat Intelligence Investigation

Scenario Overview

You are a Security Analyst at NeoCohorts, a mid-size technology company. During routine network monitoring, the SOC detected unusual network behavior and potential data exfiltration on internal hosts.

Multiple log files (Firewall, WAF, VPN, IDS) and packet captures (DNS, FTP, HTTP, MITM) have been collected for further investigation.

Your task is to navigate to the Log & Traffic Analysis tab, analyze the specific files using CLI tools and Wireshark, and extract the forensic artifacts.