Overview What You Will Learn Curriculum Instructor

Course Overview

Want to learn about Kubernetes security or need to clear the Certified Kubernetes Security Specialist (CKS) exam? You are on the right page. A Certified Kubernetes Security Specialist (CKS) is an accomplished Kubernetes practitioner (must be CKA certified) who has demonstrated competence on a broad range of best practices for securing container-based applications and Kubernetes platforms during build, deployment and runtime.

This course is focused on security. It deals with nearly all aspects of security within the context of a Kubernetes environment. That means securing not only the Kubernetes cluster itself but also the applications running within the cluster. you’ll learn how to secure many different components of Kubernetes applications and environments. In this course, you will learn how to set up clusters, then you will get to know about cluster hardening. Further, in this course, you will discover system hardening. Following this, you will learn how to reduce microservice vulnerabilities. Later, you will gain knowledge on supply chain security. Finally, you will explore monitoring, logging, and runtime security.

By the end of this course, you will be well-prepared to take the CKS exam.

What You Will Learn

  • Explore Kubernetes security concepts.
  • Deep dive technical insight into Kubernetes.
  • Learn how to create Kubernetes cluster.
  • Find out how to use CIS Benchmark to review the security configuration of Kubernetes components.
  • Complete CKS preparation.

Program Curriculum

  • Certified Kubernetes Security Specialist (CKS)
  • $7 Million Cybersecurity Scholarship by EC-Council

  • Create Kubernetes Cluster and Look at Some ERRORS !!
  • Chapter 2 Quiz

  • Introduction NetworkPolicy
  • Create Default Deny NetworkPolicy
  • Create Egress and Ingress Rules
  • Create Another NetworkPolicy for Different Name Space
  • Chapter 3 Quiz

  • Install Kubernetes Dashboard
  • Insecure Access from Outside
  • RBAC for Kubernetes Dashboard
  • Chapter 4 Quiz

  • Create an Ingress
  • Secure an Ingress
  • Chapter 5 Quiz

  • Accessing Node Metadata
  • Protect Node Metadata via NetworkPolicy
  • Chapter 6 Quiz

  • kube-bench
  • Chapter 7 Quiz

  • Download and Verify Kubernetes Release
  • Verify apiserver Binary Running in Our Cluster
  • Chapter 8 Quiz

  • RBAC - Role and Rolebinding
  • Role and Rolebinding for a User
  • ClusterRole and ClusterRoleBinding
  • Accounts and Users
  • Certificate Signing Requests
  • Chapter 9 Quiz

  • Introduction
  • Pod Uses Custom ServiceAccount
  • Disable ServiceAccount Mounting
  • Limit ServiceAccounts Permissions Using RBAC to Edit Resources
  • Chapter 10 Quiz

  • Enable/Disable Anonymous Access
  • Let's Perform a Manual API Request
  • External Apiserver Access
  • NodeRestriction AdmissionController
  • Chapter 11 Quiz

  • Verify NodeRestriction
  • Introduction
  • Create a Cluster with Old Version
  • Upgrade Master and Worker Node
  • Chapter 12 Quiz

  • Create Secret
  • Hack Secrets in Docker
  • Hack Secrets in ETCD
  • ETCD Encryption
  • ETCD Encryption - 2
  • Chapter 13 Quiz

  • Calling Linux Kernel from Inside Container
  • Open Container Initiative OCI
  • Crictl
  • Create and Use RuntimeClasses
  • Chapter 14 Quiz

  • Set Container User and Group (Security Context)
  • Force Container Non-Root
  • Privileged Containers
  • PrivilegeEscalation
  • Chapter 15 Quiz

  • Introduction
  • Create Sidecar Proxy
  • Chapter 16 Quiz

  • Introduction OPA
  • Install OPA Gatekeeper
  • Deny All Policy
  • Enforce Namespace Labels
  • Chapter 17 Quiz

  • Reduce Image Footprint with Multi-Stage
  • Secure and Harden Images
  • Chapter 18 Quiz

  • Kubesec
  • Use kubesec to Perform Static Analysis by Using Docker Image
  • OPA Conftest
  • OPA Conftest for Dockerfile
  • Chapter 19 Quiz

  • Use Trivy to Scan Images
  • Chapter 20 Quiz

  • Image Digest
  • Whitelist Registries with OPA
  • Chapter 21 Quiz

  • Strace
  • Strace and /proc on ETCD
  • Access /proc and env Variables from Inside Pod
  • FALCO
  • Use Falco to Find Malicious Processes
  • Investigate Falco Rules
  • Change Falco Rule
  • Chapter 22 Quiz

  • Introduction
  • StartupProbe
  • SecurityContext Renders Container Immutable
  • Chapter 23 Quiz

  • Introduction
  • Audit Policy
  • Enable Audit Logging in Apiserver
  • Create Secret and Check Audit Logs
  • Chapter 24 Quiz

  • AppArmor
  • AppArmor for curl
  • AppArmor for Docker Nginx
  • Seccomp
  • Seccomp for Docker Nginx
  • Seccomp for Kubernetes Nginx
  • Chapter 25 Quiz

Congratulations for Mastering Certified Kubernetes Security Specialist (CKS)

Load more modules

Instructor

Himanshu Sharma

Himanshu Sharma is a Kubernetes, containers, and cloud-native infrastructure expert. He has more than 12 years of IT experience in a variety of industries, including medical devices, entertainment, enterprise software, and cloud computing. He is passionate about learning new technology and he believes the best way to learn is to learn by doing it practically.

Join over 1 Million professionals from the most renowned Companies in the world!

certificate

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans
Annual Plans
Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering extensive resources with 600+ courses and diverse Learning Paths to enhance your skills.

$ 499.00
Billed annually or $59.00 billed monthly
Get Started Now
Start your 7-day trial for $1

What is included

  • 700+ Premium Short Courses
  • 50+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month
Early Access Offer

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

$ 599.00
Billed annually or $69.00 billed monthly
Get Started Now
Start your 7-day trial for $1

Everything in Pro and

  • 800+ Practice Lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Practice Labs and Challenges added every month
  • 3 Official EC-Council Essentials Certifications¹ (retails at $897!)
    Exclusive Bonus with Annual Plans

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.

Related Courses

  • Code Security with SonarQube

    Code Security with SonarQube

    Short Course

    Code Security with SonarQube

    DevSecOps

    Gain engineering confidence in your code through SonarQube

    $99.99

    Intermediate

    4 hr 0 m

  • DevOps Beginner to Advanced: Integrating DevOps with Cloud (Part 2)

    DevOps Beginner to Advanced: Integrating DevOps with Cloud (Part 2)

    Short Course

    DevOps Beginner to Advanced: Integrating DevOps with Cloud (Pa...

    DevSecOps

    Learn how to implement AWS, Docker, K8s, and N-Tier Projects ...

    $69.99

    Advanced

    10 hr 9 m

  • Infrastructure Testing with Azure DevOps

    Infrastructure Testing with Azure DevOps

    Short Course

    Infrastructure Testing with Azure DevOps

    DevSecOps

    Test, Automate, Validate, and Secure Your Infrastructure with...

    $49.99

    Intermediate

    4 hr 0 m

  • Alpine Linux for Starters

    Alpine Linux for Starters

    Short Course

    Alpine Linux for Starters

    DevSecOps

    Make the most of Alpine Linux for IoT, embedded devices, secu...

    $49.99

    Beginner

    4 hr 0 m

  • Building CI/CD Pipeline Using AWS CodePipeline

    Building CI/CD Pipeline Using AWS CodePipeline

    Short Course

    Building CI/CD Pipeline Using AWS CodePipeline

    DevSecOps

    Automate your software delivery process by building robust CI...

    $49.99

    Intermediate

    3 hr 29 m

  • Implementing CI with Jenkins & Maven

    Implementing CI with Jenkins & Maven

    Short Course

    Implementing CI with Jenkins & Maven

    DevSecOps

    Gain a deep understanding of implementing continuous integrat...

    $49.99

    Beginner

    3 hr 2 m

  • Mastering Mobile Application Development

    Mastering Mobile Application Development

    Short Course

    Mastering Mobile Application Development

    DevSecOps

    Mastering React Native: JavaScript Essentials, Core Concepts,...

    $49.99

    Intermediate

    3 hr 30 m

  • DevOps Beginner to Advanced: Introduction to DevOps

    DevOps Beginner to Advanced: Introduction to DevOps

    Short Course

    DevOps Beginner to Advanced: Introduction to DevOps

    DevSecOps

    Begin DevOps Career as an Absolute Beginner | Linux, AWS, Scr...

    $59.99

    Beginner

    10 hr 47 m

1 8