This series consists of a set of complex challenges that will assist you in mastering Kubernetes Security concepts and getting ready for the coveted Certified Kubernetes Security Specialist Certification.
These challenges will test you on Kubernetes security concepts such as network policies, RBAC, seccomp, AppArmor, etc. To solve some of the tasks, you will also need to make use of third-party security tools such as Aquasec Trivy, Kubesec, CIS Benchmarks, and Falco from Sysdig open source.
The interface of these challenges is divided into two parts:
- The top half contains the Quiz portal where the details related to the challenge are displayed and an interactive Architecture diagram.
Click on the icons and the arrow connectors in the architecture diagram, and an associated task (if available) will be displayed on the quiz portal. - The bottom half of the interface contains the terminal to the Kubernetes control plane which you would use to complete the tasks.
You can click on the “Check” button to validate if a task is complete. If complete, the icons in the architecture diagram will be highlighted in green. If something is incomplete, it will be highlighted in red.
To do CKS, we are tough, right? In the two hours for the exam there is a lot to get through including repetitive tasks like scanning multiple images with trivy. These solutions make use of various bash trickery and commands found on all Linux terminals like awk, sed and grep, that if you are comfortable with will save much time!