Kubernetes Security CKS

The Kubernetes Security CKS Course provides participants with an in-depth and practical overview of Kubernetes security, including the fundamental technologies needed to ensure the protection of containerized applications and orchestration infrastructure. Participants will explore the key aspects of security in Kubernetes clusters, with a focus on Role-Based Access Control (RBAC), pod security policies, container runtime security, and secure configuration of communications between cluster components. Essential tools such as container vulnerability scanners, network policy configurators, and logging and auditing tools for Kubernetes will be covered, as well as methodologies for integrating external identity providers such as LDAP or Active Directory. The program guides participants in understanding security best practices applicable to the entire container lifecycle, from image creation to deployment and runtime management. Through real-world use cases and labs, participants will gain the skills needed to configure robust and resilient Kubernetes environments against common threats. The course contributes to the preparation for the Kubernetes Security Specialist (CKS) Certification exam.

Course Objectives

The main objectives of the Kubernetes Administrator CKA Course are:

  1. Understand and implement security techniques for the Kubernetes control plane, etcd data store, and networking.
  2. Apply container security measures, including vulnerability scanning and runtime protection.
  3. Configure integrated authentication, authorization, and service account management with external providers.
  4. Implement and enforce pod security policies, with a focus on privilege and resource management.
  5. Monitor, audit and analyze security events using dedicated tools.
  6. Enforce Kubernetes network policies to restrict pod communication.
  7. Secure image builds with trusted registries and CI/CD checks.
  8. Apply security benchmarks and harden the Kubernetes environment.

Course Certification

This course helps you prepare to take the:
Certified Kubernetes Security Specialist (CKS) Exam.

Course Outline

Introduction to Kubernetes Security

  • Understanding the importance of Kubernetes security
  • Overview of Kubernetes architecture and components
  • Common security challenges in Kubernetes deployments

Kubernetes Security Fundamentals

  • Securing the Kubernetes control plane
  • Implementing RBAC (Role-Based Access Control)
  • Securing Kubernetes etcd cluster
  • Network security and pod-to-pod communication

Container Security in Kubernetes

  • Container image security best practices
  • Implementing container runtime security
  • Isolation and resource limitations for containers
  • Container vulnerability scanning and image signing

Securing Kubernetes Cluster Communications

  • Securing API server communication
  • Implementing mutual TLS (mTLS) authentication
  • Configuring network policies and ingress controllers
  • Securing communication between pods and services

Authentication and Authorization in Kubernetes

  • User authentication and identity management
  • Integrating with external identity providers (LDAP, Active Directory)
  • Implementing service accounts and kubeconfig files
  • Role-based access control (RBAC) for fine-grained authorization

Kubernetes Pod Security Policies

  • Understanding pod security policies
  • Implementing and enforcing pod security policies
  • Managing privileged containers and host namespaces
  • Controlling container capabilities and volume permissions

Monitoring and Auditing Kubernetes Security

  • Implementing logging and auditing in Kubernetes
  • Leveraging Kubernetes audit logs for security analysis
  • Monitoring cluster health and security events
  • Using security-focused monitoring tools and frameworks

Kubernetes Security Best Practices

  • Updating and patching Kubernetes components
  • Performing vulnerability assessments and security audits
  • Incident response and handling security breaches
  • Secure configuration management and secrets management

Kubernetes Security Tools and Frameworks

  • Introduction to Kubernetes security tools and frameworks
  • Container scanning and vulnerability assessment tools
  • Network security tools for Kubernetes environments
  • Security auditing and compliance frameworks

Course Mode

Instructor-Led Remote Live Classroom Training

Trainers

Trainers are CKA and CKAD certified, hold certifications in other IT technologies, and have years of hands-on experience in the industry and in training.

Lab Topology

For all types of delivery, the trainee can access real Cisco equipment and systems in our laboratories or directly at the Cisco data centers remotely, 24 hours a day. Each participant can implement the various configurations, gaining practical and immediate feedback on the theoretical concepts.
Here are some of the lab topologies available:

Kubernetes CKA Lab

Course Details

Course Prerequisites

  • It is recommended to attend the Kubernetes Administrator CKA Course or the Kubernetes Developer CKAD Course

Course Duration

Intensive duration: 4 days

Course Frequency

Course Duration: 4 days (9.00 to 17.00) - Ask for other types of attendance.

Course Date

  • Kubernetes Security CKS Course (Intensive Formula) – On request – 09:00 – 17:00

Steps to Enroll

To register, ask to be contacted via the following link, call the office at the international number +355 45 301 313, or send a request by email to info@hadartraining.com