Kubernetes CKS 2023 Complete Course + Simulator

11h 6m 23s
English
Paid
June 24, 2024

Hi there! All you need for your Certified Kubernetes Security Specialist preparation in one place !  I'm Kim, Kubernetes Trainer and Author, also the creator of the Killer Shell CKS|CKA|CKAD Simulators.

More

I will present every CKS topic to you in a simple, visual and easy way:


  • For every topic we'll also run through various practical hands-on challenges together

  • We'll setup your own CKS cluster together, for this we provide simple scripts!

  • We also have a Github course repository with various examples which we use throughout this course

  • At the end you'll test your knowledge by attending the Killer Shell CKS simulator for which two free identical sessions are included in this course

  • Join the Killer Shell private Slack community for exam and topic discussion

Simulator

Two Killer Shell CKS Simulator sessions with identical questions are included in this course. The simulator cannot be used indefinitely, so treat the simulator like the real exam, come prepared. Should you fail the real exam you get another session for free.

Please expect this course to take more time than just our recorded hours. For most topics you'll need some time to implement the scenarios yourself. Also breaks (hours or even days) between sections/topics should be advised to prevent brain implosion :)

You should already have some Kubernetes Administrator knowledge before attending this course. And if you like to attend the real CKS exam you need to hold a valid CKA certification. But we also do some recap of CKA knowledge at the beginning, so no worries if your knowledge is a bit stale.

Watch Online Kubernetes CKS 2023 Complete Course + Simulator

Join premium to watch
Go to premium
# Title Duration
1 Welcome 02:31
2 Best Video Quality 00:30
3 K8s Security Best Practices 10:17
4 Cluster Specification 02:43
5 Practice - Create GCP Account 03:48
6 Practice - Configure "gcloud" command 04:54
7 Practice - Create Kubeadm Cluster in GCP 08:40
8 Practice - Firewall rules for NodePorts 01:01
9 Notice: Always stop your instances 01:40
10 Containerd Course Upgrade 01:10
11 Recap 01:04
12 How to get Access 01:22
13 Intro 12:18
14 Practice - Find various K8s certificates 05:56
15 Recap 01:12
16 Intro 10:18
17 Container Tools Introduction 06:03
18 Practice - The PID Namespace 03:34
19 Recap 00:43
20 Cluster Reset 00:43
21 Introduction 1 04:10
22 Introduction 2 05:05
23 Practice - Default Deny 03:54
24 Practice - Frontend to Backend traffic 06:16
25 Practice - Backend to Database traffic 07:27
26 Recap 01:01
27 Introduction 04:10
28 Practice - Install Dashboard 01:10
29 Practice - Outside Insecure Access 04:40
30 Practice - RBAC for the Dashboard 03:35
31 Recap 01:42
32 K8s Docs in correct Version 00:43
33 Introduction 03:57
34 Practice - Create an Ingress 07:40
35 Practice - Secure an Ingress 08:54
36 Recap 00:27
37 Introduction 03:05
38 Practice: Access Node Metadata 02:03
39 Practice: Protect Node Metadata via NetworkPolicy 04:28
40 Recap 00:36
41 Introduction 02:25
42 Practice - CIS in Action 05:18
43 Practice - kube-bench 03:51
44 Recap 01:52
45 Introduction 01:15
46 Practice - Download and verify K8s release 03:28
47 Practice - Verify apiserver binary running in our cluster 05:13
48 Recap 00:32
49 Intro 09:11
50 Practice - Role and Rolebinding 05:01
51 Practice - ClusterRole and ClusterRoleBinding 04:02
52 Accounts and Users 04:16
53 Practice - CertificateSigningRequests 09:26
54 Recap 01:01
55 Intro 01:21
56 Practice - Pod uses custom ServiceAccount 08:59
57 Practice - Disable ServiceAccount mounting 03:23
58 Practice - Limit ServiceAccounts using RBAC 02:43
59 Recap 01:08
60 Introduction 04:24
61 Practice - Anonymous Access 04:08
62 Practice - Insecure Access 04:09
63 Practice - Manual API Request 03:40
64 Practice - External Apiserver Access 06:35
65 NodeRestriction AdmissionController 02:03
66 Practice - Verify NodeRestriction 03:46
67 Recap 00:51
68 Introduction 06:33
69 Practice - Create outdated cluster 03:38
70 Practice - Upgrade controlplane node 06:21
71 Practice - Upgrade node 03:58
72 Recap 01:08
73 Introduction 03:39
74 Practice - Create Simple Secret Scenario 05:35
75 Practice - Hack Secrets in Container Runtime 05:43
76 Practice - Hack Secrets in ETCD 03:48
77 ETCD Encryption 05:21
78 Practice - Encrypt ETCD 18:42
79 Recap 04:51
80 Introduction 06:36
81 Practice - Container calls Linux Kernel 03:06
82 Open Container Initiative OCI 03:26
83 Sandbox Runtime Katacontainers 02:11
84 Sandbox Runtime gVisor 02:05
85 Practice - Create and use RuntimeClasses 03:55
86 Practice - Install and use gVisor 06:04
87 Recap 01:08
88 Intro and Security Contexts 03:19
89 Practice - Set Container User and Group 03:48
90 Practice - Force Container Non-Root 02:27
91 Privileged Containers 01:35
92 Practice - Create Privileged Containers 02:51
93 PrivilegeEscalation 00:57
94 Practice - Disable PriviledgeEscalation 01:39
95 Intro 07:57
96 Practice - Create sidecar proxy 06:09
97 Recap 01:08
98 Cluster Reset 00:43
99 Introduction 05:59
100 Practice - Install OPA 03:20
101 Practice - Deny All Policy 10:40
102 Practice - Enforce Namespace Labels 09:21
103 Practice - Enforce Deployment replica count 04:32
104 Practice - The Rego Playground and more examples 04:14
105 Recap 01:38
106 Introduction 04:50
107 Practice - Reduce Image Footprint with Multi-Stage 07:00
108 Practice - Secure and harden Images 08:11
109 Recap 01:55
110 Introduction 06:55
111 Kubesec 02:13
112 Practice - Kubesec 03:27
113 OPA Conftest 01:32
114 Practice - OPA Conftest for K8s YAML 04:08
115 Practice - OPA Conftest for Dockerfile 03:22
116 Recap 01:19
117 Introduction 07:05
118 Clair and Trivy 01:08
119 Practice - Use Trivy to scan images 04:21
120 Recap 01:05
121 Introduction 03:29
122 Practice - Image Digest 03:59
123 Practice - Whitelist Registries with OPA 05:40
124 ImagePolicyWebhook 01:47
125 Practice - ImagePolicyWebhook 09:53
126 Recap 00:39
127 Introduction 03:23
128 Practice - Strace 04:23
129 Practice - Strace and /proc on ETCD 07:09
130 Practice - /proc and env variables 04:46
131 Practice - Falco and Installation 04:18
132 Practice - Use Falco to find malicious processes 05:24
133 Practice - Investigate Falco rules 04:51
134 Practice - Change Falco Rule 08:44
135 Recap 01:31
136 Introduction 03:35
137 Ways to enforce immutability 04:48
138 Practice - StartupProbe changes container 03:35
139 Practice - SecurityContext renders container immutable 04:52
140 Recap 00:51
141 Introduction 11:40
142 Practice - Enable Audit Logging in Apiserver 05:53
143 Practice - Create Secret and check Audit Logs 03:06
144 Practice - Create advanced Audit Policy 10:13
145 Recap 01:23
146 Introduction 02:47
147 AppArmor 02:44
148 Practice - AppArmor for curl 06:09
149 Practice - AppArmor for Docker Nginx 05:57
150 Practice - AppArmor for Kubernetes Nginx 05:40
151 Seccomp 03:34
152 Practice - Seccomp for Docker Nginx 02:40
153 Practice - Seccomp for Kubernetes Nginx 07:47
154 Recap 01:33
155 Introduction 04:54
156 Practice - Systemctl and Services 02:06
157 Practice - Install and investigate Services 04:50
158 Practice - Disable application listening on port 02:03
159 Practice - Investigate Linux Users 04:34
160 Recap 01:06

Similar courses to Kubernetes CKS 2023 Complete Course + Simulator

Istio Hands-On for Kubernetes

Istio Hands-On for Kubernetes

Duration 12 hours 15 minutes 1 second
Amazon EKS Starter: Docker on AWS EKS with Kubernetes

Amazon EKS Starter: Docker on AWS EKS with Kubernetes

Duration 5 hours 30 minutes 7 seconds
Intensive Kubernetes: 2.0

Intensive Kubernetes: 2.0

Duration 18 hours 55 minutes 51 seconds
Mastering Kubernetes

Mastering Kubernetes

Duration 8 hours 38 minutes 39 seconds
Docker & Kubernetes: The Practical Guide

Docker & Kubernetes: The Practical Guide

Duration 23 hours 10 minutes 27 seconds
Docker and Kubernetes: The Complete Guide

Docker and Kubernetes: The Complete Guide

Duration 21 hours 32 minutes 42 seconds
Kubernetes Hands-On - Deploy Microservices to the AWS Cloud

Kubernetes Hands-On - Deploy Microservices to the AWS Cloud

Duration 28 hours 23 minutes 41 seconds
Cloud-Native: Microservices, Kubernetes, Service Mesh, CI/CD

Cloud-Native: Microservices, Kubernetes, Service Mesh, CI/CD

Duration 25 hours 25 minutes 22 seconds