Packt
Certified Kubernetes Security Specialist (CKS) Course
Packt

Certified Kubernetes Security Specialist (CKS) Course

Gain insight into a topic and learn the fundamentals.
Advanced level

Recommended experience

9 hours to complete
3 weeks at 3 hours a week
Flexible schedule
Learn at your own pace
Gain insight into a topic and learn the fundamentals.
Advanced level

Recommended experience

9 hours to complete
3 weeks at 3 hours a week
Flexible schedule
Learn at your own pace

What you'll learn

  • Verify a Kubernetes release after downloading it.

  • Analyze roles and role bindings for a user.

  • Construct a Kubernetes cluster using an outdated version.

Details to know

Earn a career certificate

Add to your LinkedIn profile

Recently updated!

September 2024

Assessments

10 assignments

Taught in English

See how employees at top companies are mastering in-demand skills

Placeholder
Placeholder

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV

Share it on social media and in your performance review

Placeholder

There are 25 modules in this course

In this module, we will guide you through the steps to become a Certified Kubernetes Security Specialist (CKS). You'll learn about the certification process, the requirements, and the best resources to help you succeed in your certification journey.

What's included

1 video1 reading

In this module, we will cover the creation of a Kubernetes cluster and delve into some common errors you might encounter. You'll learn how to set up your cluster and troubleshoot issues to maintain a stable and functional environment.

What's included

1 video

In this module, we will explore the use of Network Policies to restrict access at the cluster level. You'll learn about default deny policies, how to set up egress and ingress rules, and how to create policies for different namespaces.

What's included

4 videos1 assignment

In this module, we will focus on minimizing the use and access to GUI elements in Kubernetes. You'll learn how to install the Kubernetes Dashboard, understand the risks of insecure access, and implement RBAC to enhance security.

What's included

3 videos

In this module, we will guide you through the creation and securing of Ingress objects in Kubernetes. You'll learn how to set up Ingress and apply security controls to protect your cluster.

What's included

2 videos

In this module, we will discuss how to access and protect node metadata in a Kubernetes cluster. You'll learn about the security implications and how to use Network Policy to safeguard node endpoints.

What's included

2 videos1 assignment

In this module, we will explore the CIS benchmark for Kubernetes security and how to use kube-bench to review and improve your cluster's security configuration.

What's included

1 video

In this module, we will cover the importance of verifying platform binaries before deployment. You'll learn how to delete custom networks and verify the apiserver binary to ensure your cluster's security.

What's included

2 videos

In this module, we will focus on RBAC for cluster hardening. You'll learn about roles, rolebindings, and how to manage accounts and Certificate Signing Requests to enhance security.

What's included

5 videos1 assignment

In this module, we will discuss the cautious use of Service Accounts in Kubernetes. You'll learn about custom Service Accounts, disabling their mounting, and limiting their permissions with RBAC.

What's included

4 videos

In this module, we will explore methods to restrict API access for cluster hardening. You'll learn about enabling/disabling anonymous access, performing secure API requests, and using Node Restriction Admission Controller.

What's included

4 videos

In this module, we will cover the upgrade process for Kubernetes clusters. You'll learn how to verify Node Restriction, create clusters with older versions, and upgrade to ensure your cluster remains secure and up-to-date.

What's included

4 videos1 assignment

In this module, we will focus on managing Kubernetes secrets and understanding their vulnerabilities. You'll learn how to create secrets, hack them to understand their weaknesses and implement ETCD encryption for protection.

What's included

5 videos

In this module, we will explore the use of container runtime sandboxes in a multi-tenant environment. You'll learn about calling the Linux kernel, the OCI, and how to use Crictl and create Runtime Classes.

What's included

4 videos

In this module, we will delve into OS-level security domains for microservices. You'll learn how to set container users and groups, enforce non-root policies, manage privileged containers, and create Pod Security Policy.

What's included

5 videos1 assignment

In this module, we will cover mTLS and its implementation. You'll learn the basics of mTLS and how to create a sidecar proxy to secure communications.

What's included

2 videos

In this module, we will explore the Open Policy Agent (OPA) and its use in Kubernetes security. You'll learn about installing an OPA gatekeeper, enforcing policies, and implementing Deny All policies and namespace label enforcement.

What's included

4 videos

In this module, we will focus on supply chain security by reducing image footprint. You'll learn how to use multi-stage builds and secure and harden container images.

What's included

2 videos1 assignment

In this module, we will explore static analysis for supply chain security. You'll learn about using Kubesec, performing static analysis with Docker images, and utilizing OPA Conftest.

What's included

4 videos

In this module, we will cover image vulnerability scanning using Trivy. You'll learn how to scan container images to identify and mitigate vulnerabilities.

What's included

1 video

In this module, we will focus on securing the supply chain in Kubernetes. You'll learn about image digests and how to whitelist registries using OPA to enhance security.

What's included

2 videos1 assignment

In this module, we will explore behavioral analytics at the host and container levels. You'll learn how to use Strace, access /proc, and environment variables, and implement Falco for threat detection and monitoring.

What's included

7 videos

In this module, we will discuss the immutability of containers at runtime. You'll learn about the concept of immutability, how to implement Startup Probe, and use Security Context to render containers immutable.

What's included

3 videos1 assignment

In this module, we will cover auditing for runtime security in Kubernetes. You'll learn about the importance of auditing, how to implement audit policies, enable audit logging, and check logs for compliance.

What's included

4 videos

In this module, we will focus on system hardening through kernel hardening techniques. You'll learn how to implement AppArmor and Seccomp profiles for various Kubernetes components to enhance overall security.

What's included

7 videos2 assignments

Instructor

Packt - Course Instructors
Packt
372 Courses9,744 learners

Offered by

Packt

Why people choose Coursera for their career

Felipe M.
Learner since 2018
"To be able to take courses at my own pace and rhythm has been an amazing experience. I can learn whenever it fits my schedule and mood."
Jennifer J.
Learner since 2020
"I directly applied the concepts and skills I learned from my courses to an exciting new project at work."
Larry W.
Learner since 2021
"When I need courses on topics that my university doesn't offer, Coursera is one of the best places to go."
Chaitanya A.
"Learning isn't just about being better at your job: it's so much more than that. Coursera allows me to learn without limits."

New to Security? Start here.

Placeholder

Open new doors with Coursera Plus

Unlimited access to 7,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription

Advance your career with an online degree

Earn a degree from world-class universities - 100% online

Join over 3,400 global companies that choose Coursera for Business

Upskill your employees to excel in the digital economy

Frequently asked questions