Kubernetes CKS 2023 Complete Course + Simulator
11h 6m 23s
English
Paid
Course description
Hi there! All you need for your Certified Kubernetes Security Specialist preparation in one place ! I'm Kim, Kubernetes Trainer and Author, also the creator of the Killer Shell CKS|CKA|CKAD Simulators.
Read more about the course
I will present every CKS topic to you in a simple, visual and easy way:
For every topic we'll also run through various practical hands-on challenges together
We'll setup your own CKS cluster together, for this we provide simple scripts!
We also have a Github course repository with various examples which we use throughout this course
At the end you'll test your knowledge by attending the Killer Shell CKS simulator for which two free identical sessions are included in this course
Join the Killer Shell private Slack community for exam and topic discussion
Simulator
Two Killer Shell CKS Simulator sessions with identical questions are included in this course. The simulator cannot be used indefinitely, so treat the simulator like the real exam, come prepared. Should you fail the real exam you get another session for free.
Please expect this course to take more time than just our recorded hours. For most topics you'll need some time to implement the scenarios yourself. Also breaks (hours or even days) between sections/topics should be advised to prevent brain implosion :)
You should already have some Kubernetes Administrator knowledge before attending this course. And if you like to attend the real CKS exam you need to hold a valid CKA certification. But we also do some recap of CKA knowledge at the beginning, so no worries if your knowledge is a bit stale.
Watch Online
Watch Online Kubernetes CKS 2023 Complete Course + Simulator
0:00
/ #1: Welcome
All Course Lessons (160)
| # | Lesson Title | Duration | Access |
|---|---|---|---|
| 1 | Welcome Demo | 02:31 | |
| 2 | Best Video Quality | 00:30 | |
| 3 | K8s Security Best Practices | 10:17 | |
| 4 | Cluster Specification | 02:43 | |
| 5 | Practice - Create GCP Account | 03:48 | |
| 6 | Practice - Configure "gcloud" command | 04:54 | |
| 7 | Practice - Create Kubeadm Cluster in GCP | 08:40 | |
| 8 | Practice - Firewall rules for NodePorts | 01:01 | |
| 9 | Notice: Always stop your instances | 01:40 | |
| 10 | Containerd Course Upgrade | 01:10 | |
| 11 | Recap | 01:04 | |
| 12 | How to get Access | 01:22 | |
| 13 | Intro | 12:18 | |
| 14 | Practice - Find various K8s certificates | 05:56 | |
| 15 | Recap | 01:12 | |
| 16 | Intro | 10:18 | |
| 17 | Container Tools Introduction | 06:03 | |
| 18 | Practice - The PID Namespace | 03:34 | |
| 19 | Recap | 00:43 | |
| 20 | Cluster Reset | 00:43 | |
| 21 | Introduction 1 | 04:10 | |
| 22 | Introduction 2 | 05:05 | |
| 23 | Practice - Default Deny | 03:54 | |
| 24 | Practice - Frontend to Backend traffic | 06:16 | |
| 25 | Practice - Backend to Database traffic | 07:27 | |
| 26 | Recap | 01:01 | |
| 27 | Introduction | 04:10 | |
| 28 | Practice - Install Dashboard | 01:10 | |
| 29 | Practice - Outside Insecure Access | 04:40 | |
| 30 | Practice - RBAC for the Dashboard | 03:35 | |
| 31 | Recap | 01:42 | |
| 32 | K8s Docs in correct Version | 00:43 | |
| 33 | Introduction | 03:57 | |
| 34 | Practice - Create an Ingress | 07:40 | |
| 35 | Practice - Secure an Ingress | 08:54 | |
| 36 | Recap | 00:27 | |
| 37 | Introduction | 03:05 | |
| 38 | Practice: Access Node Metadata | 02:03 | |
| 39 | Practice: Protect Node Metadata via NetworkPolicy | 04:28 | |
| 40 | Recap | 00:36 | |
| 41 | Introduction | 02:25 | |
| 42 | Practice - CIS in Action | 05:18 | |
| 43 | Practice - kube-bench | 03:51 | |
| 44 | Recap | 01:52 | |
| 45 | Introduction | 01:15 | |
| 46 | Practice - Download and verify K8s release | 03:28 | |
| 47 | Practice - Verify apiserver binary running in our cluster | 05:13 | |
| 48 | Recap | 00:32 | |
| 49 | Intro | 09:11 | |
| 50 | Practice - Role and Rolebinding | 05:01 | |
| 51 | Practice - ClusterRole and ClusterRoleBinding | 04:02 | |
| 52 | Accounts and Users | 04:16 | |
| 53 | Practice - CertificateSigningRequests | 09:26 | |
| 54 | Recap | 01:01 | |
| 55 | Intro | 01:21 | |
| 56 | Practice - Pod uses custom ServiceAccount | 08:59 | |
| 57 | Practice - Disable ServiceAccount mounting | 03:23 | |
| 58 | Practice - Limit ServiceAccounts using RBAC | 02:43 | |
| 59 | Recap | 01:08 | |
| 60 | Introduction | 04:24 | |
| 61 | Practice - Anonymous Access | 04:08 | |
| 62 | Practice - Insecure Access | 04:09 | |
| 63 | Practice - Manual API Request | 03:40 | |
| 64 | Practice - External Apiserver Access | 06:35 | |
| 65 | NodeRestriction AdmissionController | 02:03 | |
| 66 | Practice - Verify NodeRestriction | 03:46 | |
| 67 | Recap | 00:51 | |
| 68 | Introduction | 06:33 | |
| 69 | Practice - Create outdated cluster | 03:38 | |
| 70 | Practice - Upgrade controlplane node | 06:21 | |
| 71 | Practice - Upgrade node | 03:58 | |
| 72 | Recap | 01:08 | |
| 73 | Introduction | 03:39 | |
| 74 | Practice - Create Simple Secret Scenario | 05:35 | |
| 75 | Practice - Hack Secrets in Container Runtime | 05:43 | |
| 76 | Practice - Hack Secrets in ETCD | 03:48 | |
| 77 | ETCD Encryption | 05:21 | |
| 78 | Practice - Encrypt ETCD | 18:42 | |
| 79 | Recap | 04:51 | |
| 80 | Introduction | 06:36 | |
| 81 | Practice - Container calls Linux Kernel | 03:06 | |
| 82 | Open Container Initiative OCI | 03:26 | |
| 83 | Sandbox Runtime Katacontainers | 02:11 | |
| 84 | Sandbox Runtime gVisor | 02:05 | |
| 85 | Practice - Create and use RuntimeClasses | 03:55 | |
| 86 | Practice - Install and use gVisor | 06:04 | |
| 87 | Recap | 01:08 | |
| 88 | Intro and Security Contexts | 03:19 | |
| 89 | Practice - Set Container User and Group | 03:48 | |
| 90 | Practice - Force Container Non-Root | 02:27 | |
| 91 | Privileged Containers | 01:35 | |
| 92 | Practice - Create Privileged Containers | 02:51 | |
| 93 | PrivilegeEscalation | 00:57 | |
| 94 | Practice - Disable PriviledgeEscalation | 01:39 | |
| 95 | Intro | 07:57 | |
| 96 | Practice - Create sidecar proxy | 06:09 | |
| 97 | Recap | 01:08 | |
| 98 | Cluster Reset | 00:43 | |
| 99 | Introduction | 05:59 | |
| 100 | Practice - Install OPA | 03:20 | |
| 101 | Practice - Deny All Policy | 10:40 | |
| 102 | Practice - Enforce Namespace Labels | 09:21 | |
| 103 | Practice - Enforce Deployment replica count | 04:32 | |
| 104 | Practice - The Rego Playground and more examples | 04:14 | |
| 105 | Recap | 01:38 | |
| 106 | Introduction | 04:50 | |
| 107 | Practice - Reduce Image Footprint with Multi-Stage | 07:00 | |
| 108 | Practice - Secure and harden Images | 08:11 | |
| 109 | Recap | 01:55 | |
| 110 | Introduction | 06:55 | |
| 111 | Kubesec | 02:13 | |
| 112 | Practice - Kubesec | 03:27 | |
| 113 | OPA Conftest | 01:32 | |
| 114 | Practice - OPA Conftest for K8s YAML | 04:08 | |
| 115 | Practice - OPA Conftest for Dockerfile | 03:22 | |
| 116 | Recap | 01:19 | |
| 117 | Introduction | 07:05 | |
| 118 | Clair and Trivy | 01:08 | |
| 119 | Practice - Use Trivy to scan images | 04:21 | |
| 120 | Recap | 01:05 | |
| 121 | Introduction | 03:29 | |
| 122 | Practice - Image Digest | 03:59 | |
| 123 | Practice - Whitelist Registries with OPA | 05:40 | |
| 124 | ImagePolicyWebhook | 01:47 | |
| 125 | Practice - ImagePolicyWebhook | 09:53 | |
| 126 | Recap | 00:39 | |
| 127 | Introduction | 03:23 | |
| 128 | Practice - Strace | 04:23 | |
| 129 | Practice - Strace and /proc on ETCD | 07:09 | |
| 130 | Practice - /proc and env variables | 04:46 | |
| 131 | Practice - Falco and Installation | 04:18 | |
| 132 | Practice - Use Falco to find malicious processes | 05:24 | |
| 133 | Practice - Investigate Falco rules | 04:51 | |
| 134 | Practice - Change Falco Rule | 08:44 | |
| 135 | Recap | 01:31 | |
| 136 | Introduction | 03:35 | |
| 137 | Ways to enforce immutability | 04:48 | |
| 138 | Practice - StartupProbe changes container | 03:35 | |
| 139 | Practice - SecurityContext renders container immutable | 04:52 | |
| 140 | Recap | 00:51 | |
| 141 | Introduction | 11:40 | |
| 142 | Practice - Enable Audit Logging in Apiserver | 05:53 | |
| 143 | Practice - Create Secret and check Audit Logs | 03:06 | |
| 144 | Practice - Create advanced Audit Policy | 10:13 | |
| 145 | Recap | 01:23 | |
| 146 | Introduction | 02:47 | |
| 147 | AppArmor | 02:44 | |
| 148 | Practice - AppArmor for curl | 06:09 | |
| 149 | Practice - AppArmor for Docker Nginx | 05:57 | |
| 150 | Practice - AppArmor for Kubernetes Nginx | 05:40 | |
| 151 | Seccomp | 03:34 | |
| 152 | Practice - Seccomp for Docker Nginx | 02:40 | |
| 153 | Practice - Seccomp for Kubernetes Nginx | 07:47 | |
| 154 | Recap | 01:33 | |
| 155 | Introduction | 04:54 | |
| 156 | Practice - Systemctl and Services | 02:06 | |
| 157 | Practice - Install and investigate Services | 04:50 | |
| 158 | Practice - Disable application listening on port | 02:03 | |
| 159 | Practice - Investigate Linux Users | 04:34 | |
| 160 | Recap | 01:06 |
Unlock unlimited learning
Get instant access to all 159 lessons in this course, plus thousands of other premium courses. One subscription, unlimited knowledge.
Learn more about subscriptionComments
0 commentsSimilar courses
Docker & Kubernetes: The Practical Guide
Sources: udemy, Academind Pro
Docker & Kubernetes are amongst the most in-demand technologies and topics you can learn these days. Why? Because they significantly simplify the development and deployment proc...
23 hours 10 minutes 27 seconds
Cloud-Native: Microservices, Kubernetes, Service Mesh, CI/CD
Sources: udemy
In this course, we’re going to learn how to Design and Build Cloud-Native Apps with Microservices Architecture, Kubernetes Deployments, Communications
25 hours 25 minutes 22 seconds
Master Microservices with Java, Spring, Docker, Kubernetes
Sources: udemy
'Master Microservices with Spring, Docker, Kubernetes' course will help in understanding about microservices architecture and how to build it using SpringBoot
23 hours 57 minutes 28 seconds
Amazon EKS Starter: Docker on AWS EKS with Kubernetes
Sources: udemy
Setting up and maintaining Kubernetes yourself on any cloud provider is painful... but now with Amazon EKS, the management of the Kubernetes control
5 hours 30 minutes 7 seconds
The complete guide to running Java in Docker and Kubernetes
Sources: udemy
If you need to learn how to run, tune, and maintain JVM applications that run in Docker and/or Kubernetes then this is the course for you. This course is very different from oth...
4 hours 39 minutes 16 seconds
Want to join the conversation?
Sign in to comment