Documentation Guide For CKS
Domains & Competencies
| Topic | Weightage (%) |
|---|---|
| Cluster Setup | 10 |
| Cluster Hardening | 15 |
| System Hardening | 15 |
| Minimize Microservice Vulnerabilities | 20 |
| Supply Chain Security | 20 |
| Monitoring, Logging and Runtime Security | 20 |
Certified Kubernetes Security Specialist Certification Free Courses
1. Cluster Setup
- Network security policies to restrict cluster-level access
- Declare Network Policy
- Network Policy Editor
- Kub-bench
- Properly set up Ingress objects with security control
- Protect node metadata and endpoints
- Configuring Network Policies
2. Cluster Hardening
- Cluster API access methods
- Kubernetes API Access Security
- Authentication
- Authorization
- Admission Controllers
- Admission Webhooks
- Certificates
- Node Authorization
- Acces API from Pod - Task
- Roles, ClusterRoles, RoleBindings and ClusterRoleBindings
- Service Account
- Service Account - Task
- Cluster Upgrade
- Cluster Upgrade - Task
3. System Hardening
- Restricting Kernel Modules
- AppArmor
- Seccomp
- Securing Pod Using AppArmor - Task
- Set the Seccomp Profile for a Container - Task
4. Minimize Microservice Vulnerabilities
- Pod Security Admission
- OPA
- Security Context - Task
- Kubernetes Secret
- Distribute Credentials Securely Using Secrets - Task
- Pod Security Standards
- Workload Isolation
- Generating TLS Certificate - Task