This instructor-led course provides skills and knowledge across a broad range of best practices for securing container-based applications and Kubernetes platforms during build, deployment, and runtime.
INSTRUCTOR-LED COURSE
Kubernetes Security Fundamentals (LFS460)
Who Is It For
This course is ideal for anyone holding a CKA certification and interested in or responsible for cloud security.
read less
read more
What You’ll Learn
This course exposes you to knowledge and skills needed to maintain security in dynamic, multi-project environments. This course addresses security concerns for cloud production environments and covers topics related to the security container supply chain, discussing topics from before a cluster has been configured through deployment, and ongoing, as well as agile use, including where to find ongoing security and vulnerability information. The course includes hands-on labs to build and secure a Kubernetes cluster, as well as monitor and log security events.
read less
read more
What It Prepares You For
This course is designed as preparation for the Certified Kubernetes Security Specialist (CKS) exam and will substantially increase students’ ability to become certified.
read less
read more
Introduction
- Linux Foundation Training
- Linux Foundation Certifications
- Linux Foundation Digital Badges
- Laboratory Exercises, Solutions and Resources
- E-Learning Course: LFS260
- Distribution Details
- Labs
Cloud Security Overview
- What is Security?
- Assessment
- Prevention
- Detection
- Reaction
- Classes of Attackers
- Types of Attacks
- Attack Surfaces
- Hardware and Firmware Considerations
- Security Agencies
- Manage External Access
- Labs
Preparing to Install
- Runtime Sandbox
- Verify Platform Binaries
- Minimize Access to GUI
- Policy Based Control
- Labs
Installing the Cluster
- Tools to Harden the Kernel
- Kernel Hardening Examples
- Mitigating Kernel Vulnerabilities
- Labs
Securing the kube-apiserver
- Enable Kube-apiserver Auditing
- Configuring RBAC
- Pod Security Policies
- Minimize IAM Roles
- Protecting etcd
- CIS Benchmark
- Using Service Accounts
- Labs
Networking
- Network Plugins
- iptables
- Mitigate Brute Force Login Attempts
- Netfilter rule management
- Netfilter Implementation
- nft Concepts
- Ingress Objects
- Pod to Pod Encryption
- Restrict Cluster Level Access
- Labs
Workload Considerations
- Static Analysis of Workloads
- Runtime Analysis of Workloads
- Container Immutability
- Mandatory Access Control
- SELinux
- AppArmor
- Generate AppArmor Profiles
- Labs
Issue Detection
- Preparation
- Understanding an Attack Progression
- During an Incident
- Handling Incident Aftermath
- Intrusion Detection Systems
- Threat Detection
- Behavioral Analytics
- Labs
Domain Reviews
- Labs
Closing and Evaluation Survey
Sep 2021
Great content, and detailed explanations for the kernel side of a Kubernetes implementation.
Mar 2021
Excellent course, and excellent instructor.
Mar 2021
Interactive sessions, and listening to the instructor's real life experiences.
Mar 2021
Great instructor - was happy to be open on approaches in security, what works and what doesn't work.
Mar 2021
A very good mix of theory and practical. Very knowledgeable instructor, and I feel more confident about preparing for the exam now.
$3250
Feb, 22 - 25, 2022
9:00 am - 5:00 pm US/Central
Virtual, Instructor-Led
Apr, 4 - 7, 2022
9:00 am - 5:00 pm US/Central
Virtual, Instructor-Led
May, 9 - 12, 2022
9:00 am - 5:00 pm US/Central
Virtual, Instructor-Led
Jun, 13 - 16, 2022
9:00 am - 5:00 pm US/Central
Virtual, Instructor-Led
Dates don't work? Check out our partner schedule
Live Online (Virtual) or Live (Classroom)
4 days of Instructor-led class time
Hands-on Labs & Assignments
Resources & Course Manual
Certificate of Completion
Digital Badge
12 Months of Access to Online Course
Registration for CKS exam
