Certification > Clouds and Containers > Kubernetes and Cloud Native Security Associate (KCSA)
CERTIFICATION

Kubernetes and Cloud Native Security Associate (KCSA)

The Kubernetes and Cloud Native Security Associate (KCSA) exam demonstrates a user’s understanding of the baseline security configuration of Kubernetes clusters to meet compliance objectives, including the ability to harden security controls, test and monitor the security, and participate in assessing security threats and vulnerabilities.

Who Is It For

The KCSA is a pre-professional certification designed for candidates interested in advancing to the professional level through a demonstrated understanding of foundational knowledge and skills of security technologies in the cloud native ecosystem.
read less read more
About This Certification

A certified KCSA will confirm an understanding of the baseline security configuration of Kubernetes clusters to meet compliance objectives.
read less read more
What It Demonstrates

KCSA will demonstrate a candidate’s basic knowledge of the baseline security configuration of Kubernetes clusters to meet compliance objectives, including their ability to harden security controls, test and monitor the security, and participate in assessing security risks and vulnerabilities.
read less read more
Domains & Competencies
Expand All
Collapse All
Overview of Cloud Native Security14%
The 4Cs of Cloud Native Security
Cloud Provider and Infrastructure Security
Controls and Frameworks
Isolation Techniques
Artifact Repository and Image Security
Workload and Application Code Security
Kubernetes Cluster Component Security22%
API Server
Controller Manager
Scheduler
Kubelet
Container Runtime
KubeProxy
Pod
Etcd
Container Networking
Client Security
Storage
Kubernetes Security Fundamentals22%
Pod Security Standards
Pod Security Admissions
Authentication
Authorization
Secrets
Isolation and Segmentation
Audit Logging
Network Policy
Kubernetes Threat Model16%
Kubernetes Trust Boundaries and Data Flow
Persistence
Denial of Service
Malicious Code Execution and Compromised Applications in Containers
Attacker on the Network
Access to Sensitive Data
Privilege Escalation

Platform Security16%
Supply Chain Security
Image Repository
Observability
Service Mesh
PKI
Connectivity
Admission Control
Compliance and Security Frameworks10%
Compliance Frameworks
Threat Modelling Frameworks
Supply Chain Compliance
Automation and Tooling

Prerequisites
There are no pre-requisites for this exam.