OIA — OSINT Intelligence Analyst · Final Exam

Agency-grade open-source intelligence tradecraft: requirements-driven collection, multi-source corroboration, geolocation and chronolocation, dark-web collection under managed attribution, threat-actor cluster analysis, and confidence-rated attribution that holds up to Devil's Advocacy.

Doctrine you are expected to apply

• ICD 301 — IC OSINT doctrine: PIRs, EEIs, collection planning, source rating.
• Bellingcat standard: every published finding reproducible by a third party from cited open sources.
• Structured Analytic Techniques: ACH, Key Assumptions Check, I&W, Pre-mortem, Devil's Advocacy.
• GEOINT/IMGINT/CHRONOINT chain: candidate area → invariants → match → confidence + caveats.
• Managed-attribution OPSEC, persona separation, and chain-of-custody discipline.
• MITRE ATT&CK and the Diamond Model for threat-actor profiling.

Authority sources behind the exam

• ICD 301 — Director of National Intelligence OSINT Directive.
• NATO OSINT Handbook & Reader.
• Bellingcat — Online Investigation Toolkit and published methodology.
• MITRE ATT&CK Framework & Diamond Model of Intrusion Analysis.
• U.S. State Department OSAC personal-security and travel-intelligence briefings.
• Public academic work — Heuer (Psychology of Intelligence Analysis), Heuer & Pherson (Structured Analytic Techniques).

Before you begin

• Allow 60–90 minutes of uninterrupted, focused time.
• Read every stem carefully — the difficulty is in the discrimination between defensible options, not in trick wording.
• When two options look correct, pick the one most directly supported by the evidence/method described in the stem.
• OIA is a professional credential — answer as a working analyst would write into a report under their own name.