Description

Hi there!


All you need for your Certified Kubernetes Security Specialist preparation in one place!


I'm Kim, Kubernetes Trainer and Author, also the creator of the Killer Shell CKS|CKA|CKAD Simulators.


  • We will present every CKS topic to you in a simple, visual and easy way


  • For every topic we'll also run through various practical hands-on challenges together


  • We'll set up your own CKS cluster together; for this we provide simple scripts!


  • In addition you'll also get access to ~40 browser scenarios and challenges


  • We also have a GitHub course repository with various examples which we use throughout this course


  • Join the Killer Shell private Slack community for exam and topic discussion



Browser Scenarios and Challenges

We have ~40 browser scenarios for various topics for which access comes included in this course:



Please expect this course to take more time than just our recorded hours. For most topics you'll need some time to implement the scenarios yourself. Breaks (hours or even days) between sections/topics are also advised to prevent brain implosion :)



Are you ready to dive deep into Kubernetes Security?

Is your goal to become a Certified Kubernetes Security Specialist (CKS)?

### Then this course is for you ###



You should already have some Kubernetes Administrator knowledge before attending this course. And if you would like to attend the real CKS exam, you need to hold a valid CKA certification. But we also do some recap of CKA knowledge at the beginning, so no worries if your knowledge is a bit stale.



Hoping to have you on board and happy learning,

Team Killer Shell


What you'll learn

Complete CKS preparation

CKS full Theory and Practice

Kubernetes Security Concepts

Think from a hacker's perspective

Deep technical insight into Kubernetes

Requirements

  • Before you attend the real exam you need to hold the CKA
  • Some Kubernetes Admin knowledge, but we also do a recap!

Course content

30 sections

Introduction

4 lectures
Welcome
02:30
Best Video Quality
00:29
Slack Community
00:04
K8s Security Best Practices
10:16

Create your course K8s cluster

8 lectures
Cluster Specification
02:42
Practice - Create GCP Account
03:47
Practice - Configure "gcloud" command
04:53
Practice - Create Kubeadm Cluster in GCP
08:39
Practice - Firewall rules for NodePorts
01:00
Notice: Always stop your instances
01:39
Containerd Course Upgrade
01:09
Recap
01:03

Killercoda Access

2 lectures
How to get Access
01:21
Your Access Code
00:18

Foundation - Kubernetes Secure Architecture

3 lectures
Intro
12:17
Practice - Find various K8s certificates
05:55
Recap
01:11

Foundation - Containers under the hood

6 lectures
Intro
10:17
Container Tools Introduction
06:02
Practice - The PID Namespace
03:33
Recap
00:42
TEST - Docker Container Namespaces
00:02
TEST - Podman Container Namespaces
00:02

Cluster Setup - Network Policies

9 lectures
Cluster Reset
00:41
Introduction 1
04:09
Introduction 2
05:04
Practice - Default Deny
03:53
Practice - Frontend to Backend traffic
06:15
Practice - Backend to Database traffic
07:26
Recap
01:00
TEST - Default-Deny Network Policy
00:02
TEST - NetworkPolicy Namespace Communication
00:02

Cluster Setup - GUI Elements

5 lectures
Introduction
04:09
Practice - Install Dashboard
01:08
Practice - Outside Insecure Access
04:39
Practice - RBAC for the Dashboard
03:34
Recap
01:41

Cluster Setup - Secure Ingress

7 lectures
K8s Docs in correct Version
00:42
Introduction
03:56
Practice - Create an Ingress
07:38
Practice - Secure an Ingress
08:53
Recap
00:26
TEST - Create an Ingress
00:02
TEST - Secure an Ingress
00:02

Cluster Setup - Node Metadata Protection

5 lectures
Introduction
03:04
Practice: Access Node Metadata
02:02
Practice: Protect Node Metadata via NetworkPolicy
04:27
Recap
00:35
TEST - NetworkPolicy Metadata Protection
00:02

Cluster Setup - CIS Benchmarks

5 lectures
Introduction
02:24
Practice - CIS in Action
05:17
Practice - kube-bench
03:50
Recap
01:51
TEST - Apply CIS rules for Controlplane
00:02

Cluster Setup - Verify Platform Binaries

5 lectures
Introduction
01:14
Practice - Download and verify K8s release
03:27
Practice - Verify apiserver binary running in our cluster
05:12
Recap
00:31
TEST - Verify Kubelet Binary
00:02

Cluster Hardening - RBAC

10 lectures
Intro
09:10
Practice - Role and Rolebinding
05:00
Practice - ClusterRole and ClusterRoleBinding
04:01
Accounts and Users
04:15
Practice - CertificateSigningRequests
09:25
Recap
01:00
TEST - RBAC ServiceAccount Permissions
00:02
TEST - RBAC User Permissions
00:02
TEST - CertificateSigningRequests Sign Manually
00:02
TEST - CertificateSigningRequests Sign via API
00:02

Cluster Hardening - Exercise caution in using ServiceAccounts

6 lectures
Intro
01:20
Practice - Pod uses custom ServiceAccount
08:58
Practice - Disable ServiceAccount mounting
03:21
Practice - Limit ServiceAccounts using RBAC
02:42
Recap
01:07
TEST - ServiceAccount Token Mounting
00:02

Cluster Hardening - Restrict API Access

11 lectures
Introduction
04:23
Practice - Anonymous Access
04:07
Practice - Insecure Access
04:08
Practice - Manual API Request
03:39
Practice - External Apiserver Access
06:34
NodeRestriction AdmissionController
02:02
Practice - Verify NodeRestriction
03:45
Recap
00:50
TEST - Crash that Apiserver
00:02
TEST - Apiserver Manifest Misconfigured
00:02
TEST - NodeRestriction
00:02

Cluster Hardening - Upgrade Kubernetes

6 lectures
Introduction
06:32
Ubuntu 20.04 Update
00:35
Practice - Create outdated cluster
03:37
Practice - Upgrade controlplane node
06:20
Practice - Upgrade node
03:57
Recap
01:06

Microservice Vulnerabilities - Manage Kubernetes Secrets

11 lectures
Introduction
03:38
Practice - Create Simple Secret Scenario
05:34
Practice - Hack Secrets in Container Runtime
05:42
Practice - Hack Secrets in ETCD
03:47
ETCD Encryption
05:20
Practice - Encrypt ETCD
18:42
Recap
04:50
TEST - Access Secrets in Pods
00:02
TEST - Read Secret Values
00:02
TEST - Secrets Pods and ServiceAccount
00:02
TEST - ETCD Encryption
00:02

Microservice Vulnerabilities - Container Runtime Sandboxes

9 lectures
Introduction
06:35
Practice - Container calls Linux Kernel
03:05
Open Container Initiative OCI
03:25
Sandbox Runtime Katacontainers
02:10
Sandbox Runtime gVisor
02:04
Practice - Create and use RuntimeClasses
03:54
Practice - Install and use gVisor
06:03
Recap
01:07
TEST - gVisor and RuntimeClass
00:02

Microservice Vulnerabilities - OS Level Security Domains

9 lectures
Intro and Security Contexts
03:18
Practice - Set Container User and Group
03:47
Practice - Force Container Non-Root
02:26
Privileged Containers
01:34
Practice - Create Privileged Containers
02:50
PrivilegeEscalation
00:56
Practice - Disable PrivilegeEscalation
01:38
TEST - Privileged Containers
00:02
TEST - Privilege Escalation Containers
00:02

Microservice Vulnerabilities - mTLS

3 lectures
Intro
07:56
Practice - Create sidecar proxy
06:08
Recap
01:06

Open Policy Agent (OPA)

8 lectures
Cluster Reset
00:41
Introduction
05:57
Practice - Install OPA
03:19
Practice - Deny All Policy
10:39
Practice - Enforce Namespace Labels
09:20
Practice - Enforce Deployment replica count
04:31
Practice - The Rego Playground and more examples
04:13
Recap
01:37

Supply Chain Security - Image Footprint

6 lectures
Introduction
04:49
Practice - Reduce Image Footprint with Multi-Stage
06:59
Practice - Secure and harden Images
08:10
Recap
01:54
TEST - Image Footprint User
00:02
TEST - Image Container Hardening
00:02

Supply Chain Security - Static Analysis

9 lectures
Introduction
06:54
Kubesec
02:12
Practice - Kubesec
03:26
OPA Conftest
01:31
Practice - OPA Conftest for K8s YAML
04:07
Practice - OPA Conftest for Dockerfile
03:21
Recap
01:18
TEST - Manual Static Analysis K8s
00:02
TEST - Manual Static Analysis Docker
00:02

Supply Chain Security - Image Vulnerability Scanning

5 lectures
Introduction
07:04
Clair and Trivy
01:07
Practice - Use Trivy to scan images
04:20
Recap
01:04
TEST - Scan images using Trivy
00:02

Supply Chain Security - Secure Supply Chain

8 lectures
Introduction
03:28
Practice - Image Digest
03:58
Practice - Whitelist Registries with OPA
05:39
ImagePolicyWebhook
01:46
Practice - ImagePolicyWebhook
09:52
Recap
00:38
TEST - Complete ImagePolicyWebhook Setup
00:02
TEST - Use Image Digest
00:02

Runtime Security - Behavioral Analytics at host and container level

11 lectures
Introduction
03:22
Practice - Strace
04:22
Practice - Strace and /proc on ETCD
07:08
Practice - /proc and env variables
04:45
Practice - Falco and Installation
04:17
Practice - Use Falco to find malicious processes
05:23
Practice - Investigate Falco rules
04:50
Practice - Change Falco Rule
08:43
Recap
01:29
TEST - Syscall Activity Strace
00:02
TEST - Falco Rule Change
00:02

Runtime Security - Immutability of containers at runtime

6 lectures
Introduction
03:34
Ways to enforce immutability
04:47
Practice - StartupProbe changes container
03:34
Practice - SecurityContext renders container immutable
04:51
Recap
00:50
TEST - Immutability Readonly Filesystem
00:02

Runtime Security - Auditing

6 lectures
Introduction
11:39
Practice - Enable Audit Logging in Apiserver
05:52
Practice - Create Secret and check Audit Logs
03:05
Practice - Create advanced Audit Policy
10:12
Recap
01:22
TEST - Enable Audit Logging
00:02

System Hardening - Kernel Hardening Tools

10 lectures
Introduction
02:45
AppArmor
02:43
Practice - AppArmor for curl
06:08
Practice - AppArmor for Docker Nginx
05:56
Practice - AppArmor for Kubernetes Nginx
05:39
Seccomp
03:33
Practice - Seccomp for Docker Nginx
02:38
Practice - Seccomp for Kubernetes Nginx
07:46
Recap
01:32
TEST - AppArmor
00:02

System Hardening - Reduce Attack Surface

8 lectures
Introduction
04:53
Practice - Systemctl and Services
02:05
Practice - Install and investigate Services
04:49
Practice - Disable application listening on port
02:02
Practice - Investigate Linux Users
04:33
Recap
01:05
TEST - Close Open Ports
00:02
TEST - Manage Packages
00:02

Linux Foundation Simulator Sessions

1 lecture
Linux Foundation Simulator Sessions
00:14
