Certified Kubernetes Security Specialist (CKS)

By William Boyd

Prepare for the Certified Kubernetes Security Specialist (CKS) exam.

22 hours
  • 87 Lessons
  • 28 Hands-On Labs
  • 6 Course Quizzes

About the course

The Certified Kubernetes Security Specialist (CKS) exam is a way for you to demonstrate your ability to manage, configure, and use a secure Kubernetes environment. This course will cover all of the topics and practical, hands-on skills you will need to be familiar with in order to become a knowledgeable Kubernetes security specialist and pass the CKS exam.

Lab Highlights

Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 12 Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 11 Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 10 Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 9 Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 8 Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 7 Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 6 Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 5 Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 4 Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 3 Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 2 Certified Kubernetes Security Specialist (CKS) – Practice Exam Part 1 Configure Audit Logging in Kubernetes Check Kubernetes Pods for Container Immutability Threat Detection in Kubernetes with Falco Automate Kubernetes Image Vulnerability Scanning Scanning Images for Vulnerabilities with Trivy Analyzing Kubernetes YAML Files for Security Best Practices Analyzing a Dockerfile for Security Best Practices Move Kubernetes Pods to a Secured Runtime Sandbox Manage Sensitive Config Data with Kubernetes Secrets Prevent Privileged Containers in Kubernetes with PodSecurityPolicies Protect a Kubernetes Cluster with AppArmor Limit Service Account Permissions in Kubernetes Verify Kubernetes Binaries Add TLS to a Kubernetes Service with Ingress Strengthen Cluster Security with a CIS Kubernetes Benchmark Lock Down Inter-Pod Communication with NetworkPolicies
  • Chapter 1 5 Lessons Introduction 34:09

    Course Introduction

    3:04

    About the Exam

    8:15

    CKS Exam Updates 1.21

    2:15

    Building a Kubernetes Cluster

    14:37

    Kubernetes Security Overview

    5:58
  • Chapter 2 15 Lessons Cluster Setup 3:27:09

    Cluster Setup Intro

    1:38

    Restricting Default Access with NetworkPolicies

    10:52

    Allowing Limited Access with NetworkPolicies

    11:25

    Locking Down Inter-Pod Communication with NetworkPolicies

    30:00 Hands-On Lab

    Running a CIS Benchmark with kube-bench

    8:21

    Fixing Security Issues Detected by a CIS Benchmark

    9:30

    Strengthening Cluster Security with a CIS Kubernetes Benchmark

    30:00 Hands-On Lab

    Implementing TLS with Ingress

    10:17

    Adding TLS to a Kubernetes Service with Ingress

    30:00 Hands-On Lab

    Securing Node Endpoints

    5:05

    Securing GUI Elements

    2:43

    Verifying Kubernetes Platform Binaries

    7:46

    Verify Kubernetes Binaries

    30:00 Hands-On Lab

    Cluster Setup Review

    4:32

    QUIZ: Cluster Setup

    15:00 Quiz
  • Chapter 3 8 Lessons Cluster Hardening 1:13:54

    Cluster Hardening Intro

    0:56

    Exploring Service Accounts

    5:05

    Restricting Service Account Permissions

    12:29

    Limiting Service Account Permissions in Kubernetes

    30:00 Hands-On Lab

    Restricting Access to the Kubernetes API

    3:40

    Keeping k8s Updated

    4:32

    Cluster Hardening Review

    2:12

    QUIZ: Cluster Hardening

    15:00 Quiz
  • Chapter 4 9 Lessons System Hardening 1:21:40

    System Hardening Intro

    0:56

    Understanding Host OS Security Concerns

    8:58

    Minimizing IAM Roles

    4:56

    Exploring Network-Level Security

    3:31

    Exploring AppArmor

    4:32

    Using AppArmor in k8s Containers

    10:49

    Protecting a Kubernetes Cluster with AppArmor

    30:00 Hands-On Lab

    System Hardening Review

    2:58

    QUIZ: System Hardening

    15:00 Quiz
  • Chapter 5 15 Lessons Minimizing Microservice Vulnerabilities 3:10:33

    Minimizing Microservice Vulnerabilities Intro

    1:29

    Managing Container Access with Security Contexts

    5:52

    Governing Pod Configurations with Pod Security Policies

    7:59

    Using Pod Security Policies

    14:59

    Preventing Privileged Containers in Kubernetes with PodSecurityPolicies

    30:00 Hands-On Lab

    Using OPA Gatekeeper

    11:44

    Managing Kubernetes Secrets

    11:14

    Encrypting Sensitive Config Data with Kubernetes Secrets

    30:00 Hands-On Lab

    Understanding Container Runtime Sandboxes

    5:23

    Creating a Container Runtime Sandbox

    9:59

    Moving Kubernetes Pods to a Secured Runtime Sandbox

    30:00 Hands-On Lab

    Understanding Pod-to-Pod mTLS

    3:50

    Signing Certificates

    8:08

    Minimizing Microservice Vulnerabilities Review

    4:56

    QUIZ: Minimizing Microservice Vulnerabilities

    15:00 Quiz
  • Chapter 6 16 Lessons Supply Chain Security 3:24:25

    Supply Chain Security Intro

    1:26

    Minimizing Base Image Attack Surface

    4:24

    Whitelisting Allowed Image Registries

    7:28

    Validating Signed Images

    4:47

    Analyzing a Dockerfile

    7:46

    Analyzing a Dockerfile for Security Best Practices

    30:00 Hands-On Lab

    Analyzing Resource YAML Files

    4:02

    Analyzing Kubernetes YAML Files for Security Best Practices

    30:00 Hands-On Lab

    Scanning Images for Known Vulnerabilities

    8:07

    Scanning Images for Vulnerabilities with Trivy

    30:00 Hands-On Lab

    Scanning Images with an Admission Controller

    4:30

    Setting up an Image Scanner

    8:04

    Configuring the ImagePolicyWebhook Admission Controller

    13:24

    Automate Kubernetes Image Vulnerability Scanning

    30:00 Hands-On Lab

    Supply Chain Security Review

    5:27

    QUIZ: Supply Chain Security

    15:00 Quiz
  • Chapter 7 11 Lessons Monitoring, Logging, and Runtime Security 2:30:31

    Monitoring, Logging, and Runtime Security Intro

    1:01

    Understanding Behavioral Analytics

    5:04

    Analyzing Container Behavior with Falco

    11:13

    Threat Detection in Kubernetes with Falco

    30:00 Hands-On Lab

    Ensuring Containers are Immutable

    9:56

    Check Kubernetes Pods for Container Immutability

    30:00 Hands-On Lab

    Understanding Audit Logs

    4:40

    Setting up Audit Logging

    9:48

    Configure Audit Logging in Kubernetes

    30:00 Hands-On Lab

    Monitoring, Logging, and Runtime Security Review

    3:49

    QUIZ: Monitoring, Logging, and Runtime Security

    15:00 Quiz
  • Chapter 8 12 Lessons Practice Exam 6:00:00

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 1

    30:00 Hands-On Lab

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 2

    30:00 Hands-On Lab

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 3

    30:00 Hands-On Lab

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 4

    30:00 Hands-On Lab

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 5

    30:00 Hands-On Lab

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 6

    30:00 Hands-On Lab

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 7

    30:00 Hands-On Lab

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 8

    30:00 Hands-On Lab

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 9

    30:00 Hands-On Lab

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 10

    30:00 Hands-On Lab

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 11

    30:00 Hands-On Lab

    Certified Kubernetes Security Specialist (CKS) - Practice Exam Part 12

    30:00 Hands-On Lab
  • Chapter 9 2 Lessons Conclusion 2:23

    Course Summary

    1:28

    Conclusion and What’s Next

    0:55

What are Hands-on Labs

What's the difference between theoretical knowledge and real skills? Practical real-world experience. That's where Hands-on Labs come in! Hands-on Labs are guided, interactive experiences that help you learn and practice real-world scenarios in real cloud environments. Hands-on Labs are seamlessly integrated in courses, so you can learn by doing.

Get Started
Who’s going to be learning?
Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!