Kubernetes Security Specialist Certification (CKS)

What Is Kubernetes?

In organizations, multiple numbers of containers running at a time so it is very hard to manage all the containers together we use Kubernetes. Kubernetes is an open-source platform for managing containerized workloads and services. Kubernetes takes care of scaling and failover for your application running on container.

What Is The Certified Kubernetes Security Specialist Exam?

The Certified Kubernetes Security Specialist (CKS) program will consist of a performance-based certification exam and assures that a CKS has the skills, knowledge, and competence on a broad range of best practices for securing container-based applications and Kubernetes platforms during build, deployment, and runtime. This new certification is designed to enable cloud-native professionals to demonstrate security skills to current and potential employers.

Also check: All you need to know on Certified Kubernetes Security Specialist Exam (CKS)

What Are The Benefits Of Kubernetes Certification?

  • A Kubernetes certification makes your resume look good and stand outfrom the competition. As companies will be relying more and more on Kubernetes, your expertise will be an immediate asset.
  • PassingCKA and CKS is not an easy task, so companies seeking Kubernetes engineers are willing to pay more which gives you the mighty potential for a hike in salary.
  • The companies are looking forcertified Kubernetes professionals, as the majority of them are moving their application towards containers.

Since the Kubernetes is quite new in the industry, there is a huge market gap for certified professionals.

FYI: Please note that Certified Kubernetes Administrator (CKA) is a prerequisite certification in order to take up the CKS Certification.

Also check: All you need to know on Certified Kubernetes Administrator (CKA)

 

Introducing: Kubernetes Security Specialist Certification (CKS)Training

Become expert in Kubernetes Security Specialist Certification (CKS) by mastering these 12 critical core skills…


img

Kubernetes Architecture
img

Installation Overview
img

Cluster Setup
img

Network Policies
img

Node Protection
img

Cluster Hardening
img

System Hardening
img

Supply Chain Security
img

Static Analysis
img

Monitoring Security
img

Detect Threats
img

Audit Logs

COURSE BREAKDOWN


  1. KUBERNETES INTRODUCTION
  2. KUBERNETES ARCHITECTURE
  3. KUBERNETES BUILDING BLOCKS
  4. KUBERNETES INSTALLATION OVERVIEW
  5. REGISTER FREE AZURE TRIAL ACCOUNT (18:49 MIN)
  6. CONNECT AZURE UBUNTU MACHINE FROM MAC (03:54 MIN)
  7. VIRTUAL MACHINE SETUP FOR KUBERNETES
  8. KUBERNETES KUBEADM SETUP
  9. ACTIVITY GUIDE: REGISTER FOR AZURE CLOUD ACCOUNT & ACCESSING CONSOLE
  10. ACTIVITY GUIDE: CREATE & CONNECT TO UBUNTU 18.04 SERVER ON AZURE CLOUD ACCOUNT
  11. ACTIVITY GUIDE: BOOTSTRAP KUBERNETES CLUSTER USING KUBEADM

  1. NETWORK POLICIES
  2. NETWORK SECURITY POLICY FOR RESTRICTING ACCESS
  3. SECURITY CONTEXT
  4. CIS BENCHMARK
  5. INGRESS OBJECTS WITH SECURITY CONTROL
  6. PROTECTING NODE METADATA AND ENDPOINT
  7. PLATFORM BINARIES VERIFICATION FOR KUBERNETES
  8. ACTIVITY GUIDE: CONFIGURE NETWORK POLICY FOR APPLICATION
  9. ACTIVITY GUIDE: CONFIGURE & ACCESS KUBERNETES DASHBOARD
  10. ACTIVITY GUIDE: DEPLOY INGRESS CONTROLLER & CREATE & SECURE INGRESS
  11. ACTIVITY GUIDE: ACCESS & SECURE NODE METADATA
  12. ACTIVITY GUIDE: CIS KUBERNETES BENCHMARK & SECURING KUBERNETES CLUSTER USING KUBE-BENCH
  13. ACTIVITY GUIDE: DOWNLOAD & VERIFY KUBERNETES BINARIES WITH API-SERVER BINARIES

  1. KUBERNETES API ACCESS
  2. ROLE BASED ACCESS CONTROL
  3. UPDATING KUBERNETES
  4. ACTIVITY GUIDE: RABC- ROLE-ROLEBINDING, CLUSTERROLE-CLUSTERROLEBINDING, & CSR
  5. ACTIVITY GUIDE: SERVICE ACCOUNT & EXERCISE CAUTION IN USING SERVICE ACCOUNTS
  6. ACTIVITY GUIDE: RESTRICT ACCESS TO KUBERNETES API (INSECURE ACCESS, MANUAL API REQ., EXTERNAL API REQ., )
  7. ACTIVITY GUIDE: UPDATE KUBERNETES CLUSTER

  1. MINIMIZE HOST OS FOOTPRINT (REDUCE ATTACK SURFACE)
  2. MINIMIZE IAM ROLES
  3. MINIMIZE EXTERNAL ACCESS TO THE NETWORK
  4. KERNEL HARDENING TOOLS
  5. ACTIVITY GUIDE: MANAGE KUBERNETES SECRETS
  6. ACTIVITY GUIDE: ETCD ENCRYPTION
  7. ACTIVITY GUIDE: POD TO POD ENCRYPTION USING MTLS
  8. ACTIVITY GUIDE: OPEN POLICY AGENT

  1. SETUP APPROPRIATE OS LEVEL SECURITY DOMAINS E.G. USING PSP, OPA, SECURITY CONTEXTS
  2. MANAGE KUBERNETES SECRETS
  3. USE CONTAINER RUNTIME SANDBOXES IN MULTI-TENANT ENVIRONMENTS (E.G. GVISOR, KATA CONTAINERS)
  4. IMPLEMENT POD TO POD ENCRYPTION BY USE OF MTLS
  5. ACTIVITY GUIDE: MANAGE KUBERNETES SECRETS (CREATE SECRET, SECRET IN ETCD)
  6. ACTIVITY GUIDE: ETCD ENCRYPTION
  7. ACTIVITY GUIDE: CONTAINER USER AND GROUP, CREATE PRIVILEGED CONATINER, CREATE POD SECURITY POLICY
  8. ACTIVITY GUIDE: POD TO POD ENCRYPTION USING MTLS
  9. ACTIVITY GUIDE: INSTALL AND USE OPEN POLICY AGENT

  1. MINIMIZE BASE IMAGE FOOTPRINT
  2. SECURING SUPPLY CHAIN
  3. STATIC ANALYSIS OF USER WORKLOADS
  4. VULNERABILITIES IN IMAGES
  5. ACTIVITY GUIDE: MINIMIZE IMAGE FOOTPRINT, SECURE IMAGES
  6. ACTIVITY GUIDE: STATIC ANALYSIS OF USER WORKLOADS
  7. ACTIVITY GUIDE: SCAN IMAGES FOR VULNERABILITIES USING 3RD PARTY TOOLS
  8. ACTIVITY GUIDE: SIGN AND VALIDATE IMAGES

  1. DETECTING MALICIOUS ACTIVITIES
  2. DETECT THREATS WITHIN PHYSICAL INFRASTRUCTURE, APPS, NETWORKS, DATA, USERS AND WORKLOADS
  3. DEEP ANALYTICAL INVESTIGATION AND IDENTIFICATION OF BAD ACTORS WITHIN ENVIRONMENT
  4. IMMUTABILITY OF CONTAINERS AT RUNTIME
  5. AUDIT LOGS TO MONITOR ACCESS
  6. ACTIVITY GUIDE: ENABLE & CHECK AUDIT LOGS, CREATE AUDIT LOG POLICY
  7. ACTIVITY GUIDE: BEHAVIOURAL ANALYTICS OF SYSCALL PROCESS
  8. ACTIVITY GUIDE: FILE ACTIVITIES AT THE HOST AND CONTAINER LEVEL
  9. ACTIVITY GUIDE: STARTUOPROBE IN CONTAINER