Certified Kubernetes Security Specialist – CKS


What you will get ?

  • Similar replica of the real exam
  • Two CKS test sessions with different content
  • Technical support 
  • High Quality Scenarios
  • CKS simulated environment with access to your personal clusters
  • 120 minutes countdown to challenge your skills under pressure
  • Exam tips & tricks
  • Detailed score of your test & detailed solution
  • Each test session is always available until you start the session.

Our Questions will test you on the following section

  • Cluster Setup 10%
  1. Use Network security policies to restrict cluster level access
  2. Use CIS benchmark to review the security configuration of Kubernetes components (etcd, kubelet, kubedns, kubeapi)
  3. Properly set up Ingress objects with security control
  4. Protect node metadata and endpoints
  5. Minimize use of, and access to, GUI elements
  6. Verify platform binaries before deploying
  • Cluster Hardening 15%
  1. Restrict access to Kubernetes API
  2. Use Role Based Access Controls to minimize exposure
  3. Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly created ones
  4. Understand SecurityContexts & Update Kubernetes frequently
  • System Hardening 15%
  1. Minimize host OS footprint (reduce attack surface)
  2. Minimize IAM roles
  3. Minimize external access to the network
  4. Appropriately use kernel hardening tools such as AppArmor, seccomp
  • Minimize Microservice Vulnerabilities 20%
  1. Setup appropriate OS level security domains e.g. using PSP, OPA, security contexts
  2. Manage Kubernetes secrets
  3. Use container runtime sandboxes in multi-tenant environments (e.g. gvisor, kata containers)
  4. Implement pod to pod encryption by use of mTLS
  • Supply Chain Security 20%
  1. Minimize base image footprint
  2. Secure your supply chain: whitelist allowed registries, sign and validate images
  3. Use static analysis of user workloads (e.g.Kubernetes resources, Docker files)
  4. Scan images for known vulnerabilities
  • Monitoring, Logging and Runtime Security 20%
  1. Perform behavioral analytics of syscall process and file activities at the host and container level to detect malicious activities
  2. Detect threats within physical infrastructure, apps, networks, data, users and workloads
  3. Detect all phases of attack regardless where it occurs and how it spreads
  4. Perform deep analytical investigation and identification of bad actors within environment
  5. Ensure immutability of containers at runtime
  6. Use Audit Logs to monitor access

Why taking the CKS is important?

When Zip Recruiter surveyed the salaries that Kubernetes professionals earned in 2019, the results were astounding!

  • $144,245: The average salary for Kubernetes jobs as of May 2019, according to ZipRecruiter
  • Obtaining a CKS demonstrates a candidate possesses the requisite abilities to secure container-based applications and Kubernetes platforms during build, deployment and runtime, and is qualified to perform these tasks in a professional setting.

Any more questions?

Feel free to contact us for any further assistance