Certified Kubernetes Security Specialist (CKS) Online Training

سرفصل های دوره

This intermediate Certified Kubernetes Security Specialist (CKS) training prepares DevOps professionals to minimize microservice vulnerabilities and set up and harden Kubernetes clusters.

The world of IT has seen a big shift from using virtualized application deployment environments to containerized application deployment environments — and Kubernetes is one of the most popular platforms when creating and managing those environments. So it only makes sense that being able to secure container-based applications and Kubernetes platforms has become a requirement.

1 Intro to Certified Kubernetes Security (CKS)

1 Overview of Kubernetes Certifications

2 Kubernetes Cluster and Node Hardening

3 Secure Microservices with Service Mesh and Policy

4 Discuss Software Supply Chain Security

5 Kubernetes Monitoring and Runtime Security

2 Intro to Network Policy for Kubernetes

6 Learn Network Policy Security Concepts in Kubernetes

7 Block Network Traffic by Source CIDR Block

8 Apply Pod Selectors to Kubernetes Network Policy

9 Select Network Traffic by Source Namespace

10 Apply Egress Rules to Kubernetes Network Policy

11 Deploy Example Kubernetes Network Policy Scenario

12 Practice Kubernetes Network Policy

3 Limiting Access to Kubernetes GUIs

13 Intro to Securing Kubernetes GUIs

14 Secure Kubernetes GUIs with Cloud Native Firewalls

15 Encrypt Network Packets with Ingress and TLS

16 Understand Kubernetes Network Policies for Securing GUIs

17 Enable AuthN and AuthZ for Kubernetes GUI Security

18 Disable Web UIs for Improved Cluster Security

4 Using CIS Benchmark to Evaluate Kubernetes Cluster Security

19 Intro to CIS Benchmarks for Kubernetes

20 Discuss the CIS Kubernetes Benchmark Document

21 Understand Etcd and Control Plane Authentication Recommendations

22 Review Kubernetes Worker Node CIS Benchmarks

23 Learn Kubernetes Policy CIS Benchmarks

5 Securely Handling Secrets in Kubernetes Clusters

24 Intro to Kubernetes Sealed Secrets

25 Deploy Bitnami Sealed Secrets to Kubernetes Cluster

26 Encrypt Secrets with Kubeseal CLI Tool

27 Deploy and Unwrap Sealed Secret Resources on Kubernetes

6 Intro to Chaos Testing Kubernetes Clusters

28 Intro to Chaos Mesh for Kubernetes

29 Install Chaos Mesh on Kubernetes Clusters

30 Explore the Chaos Mesh Dashboard UI

31 Inject HTTP Chaos Mesh Experiment into Pods

7 Signing Container Images for Kubernetes Deployment

32 Intro to Signing Container Images

33 Understanding Sigstore Cosign CLI

34 Install Cosign CLI and Generate Key Pair

35 Build and Digitally Sign Container Image with Cosign

8 Control Network Traffic in Kubernetes with Open Service Mesh

36 Intro to Open Service Mesh for Kubernetes

37 Understand Open Service Mesh Installation Process

38 Install Open Service Mesh on Kubernetes with OSM CLI

39 Onboard Kubernetes Namespaces to Open Service Mesh

40 Verify Service Connectivity from OSM Client Pod

41 Limit Network Connectivity with OSM IngressBackend Resource

9 Securely Store Secrets in Kubernetes with Vault

42 Intro to Hashicorp Vault on Kubernetes

43 Understanding Hashicorp Vault Architecture on Kubernetes

44 Install Hashicorp Vault on Kubernetes with Helm

45 Initialize and Unseal Hashicorp Vault and Create Secret

46 Create Vault Permissions Policy and Role

47 Inject Hashicorp Vault Secrets into Kubernetes Pod

10 Implement Pod Security Policies in Kubernetes

48 Intro to Pod Security Policies

49 Learn Pod Security Policy Architecture

50 Test Default Behavior of Kubernetes PSPs

51 Create Kubernetes Service Account and Pod Security Policy

52 Create Role and Validate PSP Behavior

11 Understanding Kubernetes Admission Controllers

53 Intro to Kubernetes Admission Controllers

54 Learn About Dynamic Admission Controllers

55 Examine Built-in Kubernetes Admission Controllers

56 Customize Kubernetes (k3s) API Server Admission Plugins

12 Master Auditing in Kubernetes Clusters

57 Intro to Auditing in Kubernetes

58 Understanding Kubernetes Audit Policy Configuration

59 Install K3S and Enable Audit Logging

60 Enable Kubernetes Audit Backend

13 Working with Kubernetes Events

61 Intro to Kubernetes Event Resources

62 Explore Kubernetes Event Schema

63 Understand Node Level Events in Kubernetes

64 Explore Pod Events in Kubernetes

65 Filter Kubernetes Events with Kubectl CLI

14 Process Kubernetes Audit Logs with PowerShell

66 Intro to Processing Kubernetes Audit Logs

67 Provision Kubernetes Audit Database with MySQL

68 Connect to MySQL Database from PowerShell and VSCode

69 Parse Kubernetes JSON Audit Logs and Insert MySQL Records

15 Validate Container Image Signatures in Kubernetes

70 Intro to Container Image Verification in Kubernetes

71 Customize Connaisseur Helm Variables

72 Install Connaisseur Helm Chart

73 Build and Test Signed Container Image

16 Scan Linux Container Images for Vulnerabilities with Trivy

74 Intro to Container Image Vulnerability Scanning Tools

75 Explore Trivy Scanner Functionality

76 Deep Dive Into Trivy Vulnerability Data Sources

77 Run Trivy Vulnerability Scan on Linux VM

17 Detect Runtime Security Threats with Falco

78 Intro to Falco Open Source Event Detection

79 Learn About Falco Sidekick Utility

80 Engage with the Falco Development Community

81 Install Falco on Linux Virtual Machine

82 Review Falco Configuration Files and Launch Falco

18 Secure Kubernetes Access with Teleport

83 Intro to Teleport Proxy Security for Kubernetes

84 Understanding Teleport Architecture on Kubernetes

85 Install Teleport Proxy on Kubernetes Cluster

86 Configure Teleport DNS Endpoint and User

87 Login to Kubernetes Cluster via Teleport CLI

19 Enforce Kubernetes Resource Configuration with Kyverno Policies

88 Intro to Kyverno Policy Management for Kubernetes

89 Install Kyverno on Kubernetes Cluster with Helm

90 Examine Kyverno Policy Library and Network Policy

91 Apply Kyverno Policy to Enforce Kubernetes Quotas

20 Monitoring Kubernetes with Sumo Logic

92 Intro to Kubernetes Monitoring with Sumo Logic

93 Install Sumo Logic Helm Chart on Kubernetes Cluster

94 Explore Sumo Logic Open Source Components

95 Explore Built-in Kubernetes Dashboards in Sumo Logic

96 Understanding Kubernetes E-mail Alerts in Sumo Logic

21 Understanding Dynamic Admission Controllers for Kubernetes

97 Intro to Kubernetes Dynamic Admission Controllers

98 Learn Basic Structure of Validating Webhook Configuration

99 Understanding Kubernetes Webhook Configuration Rules

100 Setting the Client Config for Kubernetes Webhook Configs

101 Understanding Extra Webhook Config Options

102 Inspect Validating Webhook Config Requests

22 Automate Container Image Scanning in GitHub Actions

103 Intro to Container Image Scanning with GitHub Actions

104 Create Simple GitHub Actions Project

105 Install and Run Trivy in GitHub Actions

106 Abort GitHub Actions Workflow on Detected Vulnerabilities

107 Improve Trivy Performance in GitHub Actions

23 Explore Chaos Mesh Experiments for Kubernetes Clusters

108 Schedule Chaos Mesh Experiments with Cron Expressions

109 Develop Complex Chaos Mesh Workflows

110 Inject Stress Chaos into Kubernetes Pods

111 Perform Kubernetes Network Attacks with Chaos Mesh

24 Implement Pod Security Standards in Kubernetes

112 Intro to Pod Security Standards

113 Implement Warning for Baseline Pod Security Standard on Namespace

114 Enforce Baseline Pod Security Standard Versions

115 Apply Pod Security Standard to Entire Kubernetes Cluster

25 Control Kubernetes API Priority and Fairness

116 Intro to Kubernetes API Priority and Fairness

117 Understanding API Priority & Fairness Resources

118 Examine Kubernetes FlowSchema Resource Type

119 Validate FlowSchema Applied During k8s API Requests

120 Explore Kubernetes Priority Level Configuration Queues

26 Validate Kubernetes Infrastructure with PowerShell Pester Tests

121 Intro to Kubernetes Infrastructure Testing with Pester

122 Discuss Specific Use Cases for Automated Kubernetes Testing

123 Setting Up PowerShell and Pester Dev Environment

124 Write Pester Test for Kubernetes Pods in Default Namespace

125 Write Pester Test for Kubernetes Deployment Replica Count

126 Add Pester Template Strings to Test Cases

127 Write Pester Test for Kubernetes Cluster Role Bindings

27 Understanding Open Policy Agent

128 Whats Driving the Need for Policy-

129 Intro to Open Policy Agent (OPA) Concepts

130 Understand OPA Gatekeeper Architecture with Kubernetes

131 Install OPA Gatekeeper on Kubernetes Cluster

132 Deploy OPA Constraints to Kubernetes Cluster

133 Remediate Audit Violations from OPA Gatekeeper

28 Validate Kubernetes Resource Configurations with Datree

134 Intro to Kubernetes Resource Validation with Datree

135 Run Datree CLI Against Local Kubernetes Manifest

136 Skip Datree Policy Rules with Resource Annotations

137 Evaluate Datree Policy Rules on Live Kubernetes Resources

138 Configure Datree Policies Centrally or Locally

29 Develop Rego Policies for Open Policy Agent

139 Intro to Rego for Open Policy Agent (OPA)

140 Create Rego Policy and Parse with OPA CLI

141 Write Rego Policy Tests and Execute with OPA CLI

142 Pass Inputs to Rego Policies and Use String Functions

143 Evaluate Rego Policy Return Values

144 Implement Time Window Policy in Rego

83,800 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

مدرس: Trevor Sullivan