Obtaining a CKS demonstrates a candidate possesses the requisite abilities to secure container-based applications and Kubernetes platforms during build, deployment and runtime, and is qualified to perform these tasks in a professional setting.

• Use Network security policies to restrict cluster level access
• Use CIS benchmark to review the security configuration of Kubernetes components (etcd,
  kubelet, kubedns, kubeapi)
• Properly set up Ingress objects with security control
• Protect node metadata and endpoints
• Minimize use of, and access to, GUI elements
• Verify platform binaries before deploying

• Restrict access to Kubernetes API
• Use Role Based Access Controls to minimize exposure
• Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly created ones
• Update Kubernetes frequently

• Minimize host OS footprint (reduce attack surface)
• Minimize IAM roles
• Minimize external access to the network
• Appropriately use kernel hardening tools such as AppArmor, seccomp

• Setup appropriate OS level security domains e.g. using PSP, OPA, security contexts
• Manage Kubernetes secrets
• Use container runtime sandboxes in multi-tenant environments (e.g. gvisor, kata containers)
• Implement pod to pod encryption by use of mTLS

• Minimize base image footprint
• Secure your supply chain: whitelist allowed registries, sign and validate images
• Use static analysis of user workloads (e.g.Kubernetes resources, Docker files)
• Scan images for known vulnerabilities

• Perform behavioral analytics of syscall process and file activities at the host and container level to detect malicious activities
• Detect threats within physical infrastructure, apps, networks, data, users and workloads
• Detect all phases of attack regardless where it occurs and how it spreads
• Perform deep analytical investigation and identification of bad actors within environment
• Ensure immutability of containers at runtime
• Use Audit Logs to monitor access

While attending training classes can be an important part of your preparation, attending class does not guarantee success on the exam. Previous experience, practice, and native aptitude are also important determinants of success.

Exam format

The CKS – Certified Kubernetes Security Specialist exam is heavily focused on practical application, as it is a hands-on test of your ability to run commands to perform specific actions. There are no multiple-choice questions in this exam. You will be given access to a command line and will be required to perform various tasks.

Scores and reporting

Official scores for exams come exclusively from Cloud Native Computing Foundation. CNCF does not authorize training partners to report results to candidates directly. Scores on the exam are usually reported within 3 U.S. business days.

Exam results are reported as section scores. CNCF does not report performance on individual items, nor will it provide additional information upon request.

Exam Duration: 3 hours.

Step 1: Go through the guided practical questions in your Certified Kubernetes Security Specialist Curriculum.

Step 2: Ensure all your concepts are crystal clear. Consult your trainer if you need anything.

Step 3: Go through the exam preparation questions multiple times. Practice sample questions at least thrice before appearing for the certification.

Step 4: Never forget to use man pages if you get stuck or confused anywhere.

Step 5: Appear for your examination and keep a clear mind.

1. Your Certified Kubernetes Security Specialist Training is complete practical with focus on real life elements of using Kubernetes skills.
2. The Certified Kubernetes Security Specialist Training we provide does not only cover the official Kubernetes curriculum but also tips and tricks beyond your Certified Kubernetes Security Specialist curriculum.
3. We have been in the training sector for more than 16 years, thus we have an excellent network of companies where we regularly place our candidates. Certified Kubernetes Security Specialist Training with Network Nuts is the best choice for people looking for a career in Automation Security.
4. Certified Kubernetes Security Specialist Training with Network Nuts also comes with sample cover letters, sample resumes and mock interview questions.