Название: Certified Kubernetes Security Specialist (CKS) Study Guide: In-Depth Guidance and Practice (Third Early Release)Автор: Benjamin Muschko
Издательство: O’Reilly Media, Inc.
Год: 2023-01-27
Страниц: 258
Язык: английский
Формат: epub (true)
Размер: 10.2 MB
Vulnerabilities in software and IT infrastructure pose a major threat to organizations. In response, the Cloud Native Computing Foundation (CNCF) developed the Certified Kubernetes Security Specialist (CKS) certification to verify an administrator's proficiency to protect Kubernetes clusters and the cloud native software they contain. This practical book helps you fully prepare for the certification exam by walking you through all of the topics covered.
Different from typical multiple-choice formats used by other certifications, this performance-based exam requires deep knowledge of the tasks it covers under intense time pressure. If you want to pass the CKS exam on the first go, author Benjamin Muschko shares his personal experience to help you learn the objectives, abilities, and tips and tricks you need to pass on the first attempt.
The Kubernetes certification program has been around for more than five years now. Security-aspects have become more and more important, also in the Kubernetes world. Recently, the Certified Kubernetes Security Specialist (CKS) has been added to the certification track to address the need. Security can have different facets, and the way you address those concerns can be very diverse. That’s where the Kubernetes ecosystem comes into play. Apart from Kubernetes’ built-in security features, many tools have evolved that help with identifying, and fixing secuirty risks. As a Kubernetes administrator, you need to be familiar with the wide range of concepts and tools to harden your clusters and applications.
Container security starts with the base image. You need to be aware of the best practices for building container images that minimize the risk of introducing security vulnerabilities from the get-go. Optimally, you will only want to allow pulling trusted container images from an organization-internal container registry that already scanned the image for vulnerabilities before use it. Allowing only those registries is paramount and will be one of the topics important to this domain. Tools like Trivy can help with the task of scanning images for vulnerabilities and are listed as a requirement to pass the exam.
Identify, mitigate, and/or minimize threats to cloud native applications and Kubernetes clusters
Learn the ins and outs of Kubernetes's security features, and external tools for security detection and mitigation purposes
Demonstrate competency to perform the responsibilities of a Kubernetes administrator or application developer with a security viewpoint
Solve real-world Kubernetes problems in a hands-on, command-line environment
Effectively navigate and solve questions during the CKS exam
Скачать Certified Kubernetes Security Specialist (CKS) Study Guide: In-Depth Guidance and Practice (Third Early Release)