This Kubernetes Security Specialist course offers foundational knowledge through concepts and hands-on demonstrations of securing a Kubernetes cluster and its applications. Emphasizing practical skills, it requires a running Kubernetes cluster for participation.
Expérience recommandée
Ce que vous apprendrez
Verify a Kubernetes release after downloading it.
Analyze roles and role bindings for a user.
Construct a Kubernetes cluster using an outdated version.
Compétences que vous acquerrez
- Catégorie : CKS
- Catégorie : Cluster setup
- Catégorie : CKAD
- Catégorie : Kubernetes
- Catégorie : Supply Chain Security
Détails à connaître
Ajouter à votre profil LinkedIn
septembre 2024
10 devoirs
Découvrez comment les employés des entreprises prestigieuses maîtrisent des compétences recherchées
Obtenez un certificat professionnel
Ajoutez cette qualification à votre profil LinkedIn ou à votre CV
Partagez-le sur les réseaux sociaux et dans votre évaluation de performance
Il y a 25 modules dans ce cours
In this module, we will guide you through the steps to become a Certified Kubernetes Security Specialist (CKS). You'll learn about the certification process, the requirements, and the best resources to help you succeed in your certification journey.
Inclus
1 vidéo1 lecture
In this module, we will cover the creation of a Kubernetes cluster and delve into some common errors you might encounter. You'll learn how to set up your cluster and troubleshoot issues to maintain a stable and functional environment.
Inclus
1 vidéo
In this module, we will explore the use of Network Policies to restrict access at the cluster level. You'll learn about default deny policies, how to set up egress and ingress rules, and how to create policies for different namespaces.
Inclus
4 vidéos1 devoir
In this module, we will focus on minimizing the use and access to GUI elements in Kubernetes. You'll learn how to install the Kubernetes Dashboard, understand the risks of insecure access, and implement RBAC to enhance security.
Inclus
3 vidéos
In this module, we will guide you through the creation and securing of Ingress objects in Kubernetes. You'll learn how to set up Ingress and apply security controls to protect your cluster.
Inclus
2 vidéos
In this module, we will discuss how to access and protect node metadata in a Kubernetes cluster. You'll learn about the security implications and how to use Network Policy to safeguard node endpoints.
Inclus
2 vidéos1 devoir
In this module, we will explore the CIS benchmark for Kubernetes security and how to use kube-bench to review and improve your cluster's security configuration.
Inclus
1 vidéo
In this module, we will cover the importance of verifying platform binaries before deployment. You'll learn how to delete custom networks and verify the apiserver binary to ensure your cluster's security.
Inclus
2 vidéos
In this module, we will focus on RBAC for cluster hardening. You'll learn about roles, rolebindings, and how to manage accounts and Certificate Signing Requests to enhance security.
Inclus
5 vidéos1 devoir
In this module, we will discuss the cautious use of Service Accounts in Kubernetes. You'll learn about custom Service Accounts, disabling their mounting, and limiting their permissions with RBAC.
Inclus
4 vidéos
In this module, we will explore methods to restrict API access for cluster hardening. You'll learn about enabling/disabling anonymous access, performing secure API requests, and using Node Restriction Admission Controller.
Inclus
4 vidéos
In this module, we will cover the upgrade process for Kubernetes clusters. You'll learn how to verify Node Restriction, create clusters with older versions, and upgrade to ensure your cluster remains secure and up-to-date.
Inclus
4 vidéos1 devoir
In this module, we will focus on managing Kubernetes secrets and understanding their vulnerabilities. You'll learn how to create secrets, hack them to understand their weaknesses and implement ETCD encryption for protection.
Inclus
5 vidéos
In this module, we will explore the use of container runtime sandboxes in a multi-tenant environment. You'll learn about calling the Linux kernel, the OCI, and how to use Crictl and create Runtime Classes.
Inclus
4 vidéos
In this module, we will delve into OS-level security domains for microservices. You'll learn how to set container users and groups, enforce non-root policies, manage privileged containers, and create Pod Security Policy.
Inclus
5 vidéos1 devoir
In this module, we will cover mTLS and its implementation. You'll learn the basics of mTLS and how to create a sidecar proxy to secure communications.
Inclus
2 vidéos
In this module, we will explore the Open Policy Agent (OPA) and its use in Kubernetes security. You'll learn about installing an OPA gatekeeper, enforcing policies, and implementing Deny All policies and namespace label enforcement.
Inclus
4 vidéos
In this module, we will focus on supply chain security by reducing image footprint. You'll learn how to use multi-stage builds and secure and harden container images.
Inclus
2 vidéos1 devoir
In this module, we will explore static analysis for supply chain security. You'll learn about using Kubesec, performing static analysis with Docker images, and utilizing OPA Conftest.
Inclus
4 vidéos
In this module, we will cover image vulnerability scanning using Trivy. You'll learn how to scan container images to identify and mitigate vulnerabilities.
Inclus
1 vidéo
In this module, we will focus on securing the supply chain in Kubernetes. You'll learn about image digests and how to whitelist registries using OPA to enhance security.
Inclus
2 vidéos1 devoir
In this module, we will explore behavioral analytics at the host and container levels. You'll learn how to use Strace, access /proc, and environment variables, and implement Falco for threat detection and monitoring.
Inclus
7 vidéos
In this module, we will discuss the immutability of containers at runtime. You'll learn about the concept of immutability, how to implement Startup Probe, and use Security Context to render containers immutable.
Inclus
3 vidéos1 devoir
In this module, we will cover auditing for runtime security in Kubernetes. You'll learn about the importance of auditing, how to implement audit policies, enable audit logging, and check logs for compliance.
Inclus
4 vidéos
In this module, we will focus on system hardening through kernel hardening techniques. You'll learn how to implement AppArmor and Seccomp profiles for various Kubernetes components to enhance overall security.
Inclus
7 vidéos2 devoirs
Instructeur
Offert par
Recommandé si vous êtes intéressé(e) par Security
Pour quelles raisons les étudiants sur Coursera nous choisissent-ils pour leur carrière ?
Ouvrez de nouvelles portes avec Coursera Plus
Accès illimité à plus de 7 000 cours de renommée internationale, à des projets pratiques et à des programmes de certificats reconnus sur le marché du travail, tous inclus dans votre abonnement
Faites progresser votre carrière avec un diplôme en ligne
Obtenez un diplôme auprès d’universités de renommée mondiale - 100 % en ligne
Rejoignez plus de 3 400 entreprises mondiales qui ont choisi Coursera pour les affaires
Améliorez les compétences de vos employés pour exceller dans l’économie numérique
Foire Aux Questions
Yes, you can preview the first video and view the syllabus before you enroll. You must purchase the course to access content not included in the preview.
If you decide to enroll in the course before the session start date, you will have access to all of the lecture videos and readings for the course. You’ll be able to submit assignments once the session starts.
Once you enroll and your session begins, you will have access to all videos and other resources, including reading items and the course discussion forum. You’ll be able to view and submit practice assessments, and complete required graded assignments to earn a grade and a Course Certificate.