Certified Kubernetes Security Specialist 2023

Master Course to prepare for CKS certification.
Certified Kubernetes Security Specialist 2023
File Size :
5.35 GB
Total length :
9h 52m



Zeal Vora


Last update

Last updated 7/2022



Certified Kubernetes Security Specialist 2023

What you’ll learn

Kubernetes Security

Certified Kubernetes Security Specialist 2023


Certified Kubernetes Administrator


This course is specifically designed for the aspirants who intend to give the “Certified Kubernetes Security Specialist” certification as well as for individuals who intend to gain a strong foundation in Kubernetes Security.One of the pre-requisites for the course is the candidate’s prior understanding on the topics discussed in the CKA certification. We begin the journey with setting up a Hardened Kubernetes cluster from absolute scratch and then the deep dive journey into various K8s + Security begins.This course also has an exam preparation section with a series of practice tests to verify the candidate’s understanding of the topics discussed and verify if the candidate is ready to give the official certification exams.Keeping the standards high similar to other best-seller courses of Zeal, this course has a perfect balance, and every topic is explained in a simplified way with practical scenarios.With tons of practicals, easy-to-understand videos, and a dedicated exam preparation section, this course is all you need to gain a deeper understanding of Kubernetes and ace the official Certified Kubernetes Security Specialist” certification.With this exciting set of learnings and practicals, I look forward to seeing you in this course and be part of your journey into Kubernetes and getting CKS certified.


Section 1: Introduction

Lecture 1 Introduction to the Course

Lecture 2 Course Lecture Format

Lecture 3 Document – Link to Code Repository

Lecture 4 Our Community

Section 2: Domain 1 – Cluster Setup

Lecture 5 Overview of CIS Benchmarks for Hardening

Lecture 6 Kubernetes CIS Benchmarks

Lecture 7 Our Lab Architecture

Lecture 8 Document Lecture

Lecture 9 Creating Infrastructure for Labs

Lecture 10 ETCD Security Guidelines

Lecture 11 Configuring ETCD Binaries

Lecture 12 Understanding Asymmetric Key Encryption

Lecture 13 Revising SSL/TLS

Lecture 14 Overview of Certificate Authority

Lecture 15 In-Transit Encryption with HTTPS

Lecture 16 Overview of Certificate Based Authentication

Lecture 17 Client Authentication in ETCD

Lecture 18 Integrating Systemd with ETCD

Lecture 19 API Server Security Guidelines

Lecture 20 Configuring API Server

Lecture 21 Transport Security for API Server

Lecture 22 Access Control

Lecture 23 Static Token File Authentication

Lecture 24 Downsides of Static Token File Authentication

Lecture 25 Implementing X509 Client Authentication

Lecture 26 Downsides of X509 Client Authentication

Lecture 27 Overview of OIDC Authentication

Lecture 28 Authorization

Lecture 29 Encryption Provider

Lecture 30 Implementing Auditing

Lecture 31 Setting up kubeadm cluster

Lecture 32 Revising Taints and Tolerations

Lecture 33 Kubelet Security

Lecture 34 Verifying Platform Binaries

Lecture 35 Notes – Cluster Setup

Section 3: Domain 2 – Cluster Hardening

Lecture 36 Creating User for RBAC

Lecture 37 Role Based Access Controls (RBAC)

Lecture 38 ClusterRole and ClusterRoleBinding

Lecture 39 Revising Ingress

Lecture 40 Understanding Ingress Resource and Ingress Controllers

Lecture 41 Creating Ingress and Ingress Controller

Lecture 42 Ingress Security

Lecture 43 Overview of Service Accounts

Lecture 44 Service Account Security

Lecture 45 Upgrading kudeadm Clusters

Lecture 46 Notes – Cluster Hardening

Section 4: Domain 3 – Minimize Microservice Vulnerabilities

Lecture 47 Admission Controllers

Lecture 48 Security Contexts

Lecture 49 Revising Privileged Container

Lecture 50 Running Privileged PODS in Kubernetes

Lecture 51 Hack Misconfigured Cluster

Lecture 52 ImagePullPolicy in Kubernetes

Lecture 53 Admission Controller – AlwaysPullImages

Lecture 54 Admission Controller – ImagePolicyWebhook

Lecture 55 Custom WebHook Integration with Admission Controller

Lecture 56 Overview of Kubernetes Secrets

Lecture 57 Mounting Secrets in Pods

Lecture 58 Notes – Minimize Microservice Vulnerabilities

Section 5: Domain 4 – System Hardening

Lecture 59 Overview of AppArmor

Lecture 60 Integration of AppArmor with Kubernetes

Lecture 61 OCI and Container Runtimes

Lecture 62 Configuring containerd and runc

Lecture 63 Container Runtime Interface

Lecture 64 Overview of Container Runtime Sandboxes

Lecture 65 Implementing RunTimeClass – gVisor

Lecture 66 Kubeadm and Calcio

Lecture 67 Understanding Network Policies – Part 01

Lecture 68 Understanding Network Policies – Part 02

Lecture 69 Notes – System Hardening

Section 6: Domain 5 – Supply Chain Security

Lecture 70 Vulnerability, Exploit and Payload

Lecture 71 Container Security Scanning

Lecture 72 Scan images for known vulnerabilities

Lecture 73 Scanning K8s Clusters for Security Best Practices

Lecture 74 Overview of Static Analysis

Lecture 75 Notes – Supply Chain Security

Section 7: Domain 6 – Monitoring, Logging and Runtime Security

Lecture 76 Overview of Falco

Lecture 77 Introduction to Sysdig

Lecture 78 Creating Custom Falco Rules

Lecture 79 Falco Rule Writing – Exam Perspective

Lecture 80 Audit Logging In-Detail

Lecture 81 Immutability at Container Runtime

Lecture 82 Notes – Monitoring, Logging and Runtime Security

Section 8: Exam Preparation Section

Lecture 83 Our Community

Lecture 84 Overview of CKS Exams

Lecture 85 Important Pointers for Exams – Part 01

Lecture 86 Important Pointers for Exams – Part 02

Lecture 87 Notes – Exam Preparation Section

Lecture 88 Exam Preparation Practice Tests

Lecture 89 Practice Test Solution – Part 01

Lecture 90 Practice Test Solution – Part 02

Lecture 91 Practice Test Solution – Part 03

Lecture 92 Practice Test Solution – Part 04

Individuals who aim to learn about Kubernetes Security,Individuals aiming to get certified on the Certified Kubernetes Security Specialist certification.

Course Information:

Udemy | English | 9h 52m | 5.35 GB
Created by: Zeal Vora

You Can See More Courses in the IT & Software >> Greetings from CourseDown.com

New Courses

Scroll to Top