- #Docker and kubernetes certification how to#
- #Docker and kubernetes certification update#
- #Docker and kubernetes certification upgrade#
The CKS & CKA exam environments will be aligned with the most recent K8s minor version within approximately 4 to 8 weeks of the K8s release dateĬertified Kubernetes Security Specialist (CKS) candidates must have taken and passed the Certified Kubernetes Administrator (CKA) exam prior to attempting the CKS exam.ĬKS may be purchased but not scheduled until CKA certification has been achieved.ĬKA Certification must be active (non-expired) on the date the CKS exam (including Retakes) is scheduled. The CKS exam is based on Kubernetes v1.23 The CKA exam is based on Kubernetes v1.23 For each exam, candidates have 2 hours to complete the tasks. Perform deep analytical investigation and identification of bad actors within environmentĮnsure immutability of containers at runtimeīoth the CKA and CKS exams are online, proctored, performance-based tests that requires solving multiple tasks from a command line running Kubernetes. Perform behavioral analytics of syscall process and file activities at the host and container level to detect malicious activitiesĭetect threats within physical infrastructure, apps, networks, data, users and workloadsĭetect all phases of attack regardless where it occurs and how it spreads Scan images for known vulnerabilities Monitoring, Logging and Runtime Security 20% Use static analysis of user workloads (e.g.Kubernetes resources, Docker files) Secure your supply chain: whitelist allowed registries, sign and validate images
Implement pod to pod encryption by use of mTLS Supply Chain Security 20% Use container runtime sandboxes in multi-tenant environments (e.g. Setup appropriate OS level security domains e.g. Minimize host OS footprint (reduce attack surface)Īppropriately use kernel hardening tools such as AppArmor, seccomp Minimize Microservice Vulnerabilities 20%
#Docker and kubernetes certification update#
Update Kubernetes frequently System Hardening 15% disable defaults, minimize permissions on newly created ones Use Role Based Access Controls to minimize exposureĮxercise caution in using service accounts e.g. Verify platform binaries before deploying Cluster Hardening 15% Minimize use of, and access to, GUI elements Properly set up Ingress objects with security control Use CIS benchmark to review the security configuration of Kubernetes components (etcd, kubelet, kubedns, kubeapi) Use Network security policies to restrict cluster level access Performance-based exams were then developed based on the competencies that were identified. The Linux Foundation worked with industry experts and the Linux kernel community to identify the core domains and the critical skills, knowledge and competencies applicable to each certification.
#Docker and kubernetes certification how to#
Know how to use Ingress controllers and Ingress resourcesĬhoose an appropriate container network interface plugin Understand ClusterIP, NodePort, LoadBalancer service types and endpoints
Understand host networking configuration on the cluster nodes Implement etcd backup and restore Services & Networking 20%
#Docker and kubernetes certification upgrade#
Perform a version upgrade on a Kubernetes cluster using Kubeadm Provision underlying infrastructure to deploy a Kubernetes cluster Manage a highly-available Kubernetes cluster Understand how resource limits can affect Pod schedulingĪwareness of manifest management and common templating tools Cluster Architecture, Installation & Configuration 25% Understand the primitives used to create robust, self-healing, application deployments Use ConfigMaps and Secrets to configure applications Understand deployments and how to perform rolling update and rollbacks Troubleshoot networking Workloads & Scheduling 15% Know how to configure applications with persistent storage Troubleshooting 30% Understand persistent volume claims primitive Understand volume mode, access modes and reclaim policies for volumes
Understand storage classes, persistent volumes
0 kommentar(er)
