Verify Kubernetes Binaries

30 minutes
  • 2 Learning Objectives

About this Hands-on Lab

Compromised Kubernetes binaries could be used to gain access to your systems. In this lab, you will mitigate this threat by verifying these binaries before they are executed.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Locate and Download the Checksums for the Binary Files

The binary files are located in /home/cloud_user/k8s-binaries/.

Your coworker has left the version number they used in a file called version.txt. Check this file for the version number. Don’t try to check the version by running any of the binaries before you have verified them (e.g., with a command like kubectl version)! All of the binaries are the same version.

Use the version number to download the correct checksum file for each of the binary files. Download the checksums to the same directory the binaries are located in (/home/cloud_user/k8s-binaries/).

Verify the Binaries and Delete Any That May Contain Malicious Code

Use the checksums to verify all of the binaries contained in /home/cloud_user/k8s-binaries/.

Delete any binary files that fail checksum verification, as they could contain malicious code.

Additional Resources

Your company, SecuriCorp, is using Kubernetes to run a variety of applications. Recently, hackers have been trying various techniques to break into the Kubernetes cluster and steal data.

One of your coworkers is working on setting up a new Kubernetes control plane server. They have downloaded some Kubernetes binaries to a directory on the server.

However, hackers may have tried to sneak in a binary containing malicious code somewhere along the pipeline. Log in to the server and verify the binaries before running them. Delete any potentially infected binaries.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?