[CBTNuggets] Certified Kubernetes Security Specialist (CKS) [2022, ENG]

Страницы:  1
Ответить
 

nosize

Moderator senior

Стаж: 15 лет 10 месяцев

Сообщений: 1366

nosize · 08-Июн-23 00:32 (1 год 5 месяцев назад)

Certified Kubernetes Security Specialist (CKS)
Год выпуска: 2022
Производитель: CBTNuggets
Сайт производителя: https://www.cbtnuggets.com/it-training/kubernetes-training/kubernetes-security-specialist
Автор: Trevor Sullivan
Продолжительность: ~25h
Тип раздаваемого материала: Видеоклипы
Язык: Английский
Описание: This intermediate Certified Kubernetes Security Specialist (CKS) training prepares DevOps professionals to minimize microservice vulnerabilities and set up and harden Kubernetes clusters.
The world of IT has seen a big shift from using virtualized application deployment environments to containerized application deployment environments — and Kubernetes is one of the most popular platforms when creating and managing those environments. So it only makes sense that being able to secure container-based applications and Kubernetes platforms has become a requirement.
With this Kubernetes Security Specialist training, you’ll learn how to secure the containers that bundle and run your applications.
After finishing this Kubernetes training, you'll know how to minimize microservice vulnerabilities and set up and harden Kubernetes clusters.
For anyone who manages DevOps professionals, this Kubernetes training can be used to onboard new DevOps professionals, curated into individual or team training plans, or as a Kubernetes reference resource.
Содержание
Skill:
Intro to Certified Kubernetes Security (CKS)
1. Overview of Kubernetes Certifications
10 mins
2. Kubernetes Cluster and Node Hardening
12 mins
3. Secure Microservices with Service Mesh and Policy
11 mins
4. Discuss Software Supply Chain Security
12 mins
5. Kubernetes Monitoring and Runtime Security
9 mins
Skill:
Intro to Network Policy for Kubernetes
1. Learn Network Policy Security Concepts in Kubernetes
8 mins
2. Block Network Traffic by Source CIDR Block
8 mins
3. Apply Pod Selectors to Kubernetes Network Policy
6 mins
4. Select Network Traffic by Source Namespace
7 mins
5. Apply Egress Rules to Kubernetes Network Policy
9 mins
6. Deploy Example Kubernetes Network Policy Scenario
8 mins
7. Practice Kubernetes Network Policy
7 mins
Skill:
Limiting Access to Kubernetes GUIs
1. Intro to Securing Kubernetes GUIs
14 mins
2. Secure Kubernetes GUIs with Cloud Native Firewalls
10 mins
3. Encrypt Network Packets with Ingress and TLS
7 mins
4. Understand Kubernetes Network Policies for Securing GUIs
6 mins
5. Enable AuthN and AuthZ for Kubernetes GUI Security
7 mins
6. Disable Web UIs for Improved Cluster Security
7 mins
Skill:
Using CIS Benchmark to Evaluate Kubernetes Cluster Security
1. Intro to CIS Benchmarks for Kubernetes
10 mins
2. Discuss the CIS Kubernetes Benchmark Document
10 mins
3. Understand Etcd and Control Plane Authentication Recommendations
10 mins
4. Review Kubernetes Worker Node CIS Benchmarks
10 mins
5. Learn Kubernetes Policy CIS Benchmarks
13 mins
Skill:
Securely Handling Secrets in Kubernetes Clusters
1. Intro to Kubernetes Sealed Secrets
12 mins
2. Deploy Bitnami Sealed Secrets to Kubernetes Cluster
17 mins
3. Encrypt Secrets with Kubeseal CLI Tool
12 mins
4. Deploy and Unwrap Sealed Secret Resources on Kubernetes
6 mins
Skill:
Intro to Chaos Testing Kubernetes Clusters
1. Intro to Chaos Mesh for Kubernetes
12 mins
2. Install Chaos Mesh on Kubernetes Clusters
15 mins
3. Explore the Chaos Mesh Dashboard UI
8 mins
4. Inject HTTP Chaos Mesh Experiment into Pods
17 mins
Skill:
Signing Container Images for Kubernetes Deployment
1. Intro to Signing Container Images
11 mins
2. Understanding Sigstore Cosign CLI
12 mins
3. Install Cosign CLI and Generate Key Pair
13 mins
4. Build and Digitally Sign Container Image with Cosign
14 mins
Skill:
Control Network Traffic in Kubernetes with Open Service Mesh
1. Intro to Open Service Mesh for Kubernetes
9 mins
2. Understand Open Service Mesh Installation Process
10 mins
3. Install Open Service Mesh on Kubernetes with OSM CLI
9 mins
4. Onboard Kubernetes Namespaces to Open Service Mesh
9 mins
5. Verify Service Connectivity from OSM Client Pod
7 mins
6. Limit Network Connectivity with OSM IngressBackend Resource
13 mins
Skill:
Securely Store Secrets in Kubernetes with Vault
1. Intro to Hashicorp Vault on Kubernetes
7 mins
2. Understanding Hashicorp Vault Architecture on Kubernetes
9 mins
3. Install Hashicorp Vault on Kubernetes with Helm
11 mins
4. Initialize and Unseal Hashicorp Vault and Create Secret
9 mins
5. Create Vault Permissions Policy and Role
8 mins
6. Inject Hashicorp Vault Secrets into Kubernetes Pod
12 mins
Skill:
Implement Pod Security Policies in Kubernetes
1. Intro to Pod Security Policies
9 mins
2. Learn Pod Security Policy Architecture
8 mins
3. Test Default Behavior of Kubernetes PSPs
12 mins
4. Create Kubernetes Service Account and Pod Security Policy
6 mins
5. Create Role and Validate PSP Behavior
9 mins
Skill:
Understanding Kubernetes Admission Controllers
1. Intro to Kubernetes Admission Controllers
13 mins
2. Learn About Dynamic Admission Controllers
10 mins
3. Examine Built-in Kubernetes Admission Controllers
14 mins
4. Customize Kubernetes (k3s) API Server Admission Plugins
14 mins
Skill:
Master Auditing in Kubernetes Clusters
1. Intro to Auditing in Kubernetes
13 mins
2. Understanding Kubernetes Audit Policy Configuration
13 mins
3. Install K3S and Enable Audit Logging
12 mins
4. Enable Kubernetes Audit Backend
9 mins
Skill:
Working with Kubernetes Events
1. Intro to Kubernetes Event Resources
17 mins
2. Explore Kubernetes Event Schema
11 mins
3. Understand Node Level Events in Kubernetes
6 mins
4. Explore Pod Events in Kubernetes
9 mins
5. Filter Kubernetes Events with Kubectl CLI
9 mins
Skill:
Process Kubernetes Audit Logs with PowerShell
1. Intro to Processing Kubernetes Audit Logs
10 mins
2. Provision Kubernetes Audit Database with MySQL
11 mins
3. Connect to MySQL Database from PowerShell and VSCode
13 mins
4. Parse Kubernetes JSON Audit Logs and Insert MySQL Records
16 mins
Skill:
Validate Container Image Signatures in Kubernetes
1. Intro to Container Image Verification in Kubernetes
18 mins
2. Customize Connaisseur Helm Variables
10 mins
3. Install Connaisseur Helm Chart
7 mins
4. Build and Test Signed Container Image
17 mins
Skill:
Scan Linux Container Images for Vulnerabilities with Trivy
1. Intro to Container Image Vulnerability Scanning Tools
9 mins
2. Explore Trivy Scanner Functionality
11 mins
3. Deep Dive Into Trivy Vulnerability Data Sources
12 mins
4. Run Trivy Vulnerability Scan on Linux VM
16 mins
Skill:
Detect Runtime Security Threats with Falco
1. Intro to Falco Open Source Event Detection
11 mins
2. Learn About Falco Sidekick Utility
9 mins
3. Engage with the Falco Development Community
8 mins
4. Install Falco on Linux Virtual Machine
9 mins
5. Review Falco Configuration Files and Launch Falco
12 mins
Skill:
Secure Kubernetes Access with Teleport
1. Intro to Teleport Proxy Security for Kubernetes
7 mins
2. Understanding Teleport Architecture on Kubernetes
8 mins
3. Install Teleport Proxy on Kubernetes Cluster
10 mins
4. Configure Teleport DNS Endpoint and User
14 mins
5. Login to Kubernetes Cluster via Teleport CLI
12 mins
Skill:
Enforce Kubernetes Resource Configuration with Kyverno Policies
1. Intro to Kyverno Policy Management for Kubernetes
16 mins
2. Install Kyverno on Kubernetes Cluster with Helm
14 mins
3. Examine Kyverno Policy Library and Network Policy
10 mins
4. Apply Kyverno Policy to Enforce Kubernetes Quotas
7 mins
Skill:
Monitoring Kubernetes with Sumo Logic
1. Intro to Kubernetes Monitoring with Sumo Logic
10 mins
2. Install Sumo Logic Helm Chart on Kubernetes Cluster
10 mins
3. Explore Sumo Logic Open Source Components
9 mins
4. Explore Built-in Kubernetes Dashboards in Sumo Logic
9 mins
5. Understanding Kubernetes E-mail Alerts in Sumo Logic
11 mins
Skill:
Understanding Dynamic Admission Controllers for Kubernetes
1. Intro to Kubernetes Dynamic Admission Controllers
8 mins
2. Learn Basic Structure of Validating Webhook Configuration
8 mins
3. Understanding Kubernetes Webhook Configuration Rules
9 mins
4. Setting the Client Config for Kubernetes Webhook Configs
7 mins
5. Understanding Extra Webhook Config Options
6 mins
6. Inspect Validating Webhook Config Requests
12 mins
Skill:
Automate Container Image Scanning in GitHub Actions
1. Intro to Container Image Scanning with GitHub Actions
13 mins
2. Create Simple GitHub Actions Project
6 mins
3. Install and Run Trivy in GitHub Actions
16 mins
4. Abort GitHub Actions Workflow on Detected Vulnerabilities
5 mins
5. Improve Trivy Performance in GitHub Actions
14 mins
Skill:
Explore Chaos Mesh Experiments for Kubernetes Clusters
1. Schedule Chaos Mesh Experiments with Cron Expressions
20 mins
2. Develop Complex Chaos Mesh Workflows
15 mins
3. Inject Stress Chaos into Kubernetes Pods
8 mins
4. Perform Kubernetes Network Attacks with Chaos Mesh
10 mins
Skill:
Implement Pod Security Standards in Kubernetes
1. Intro to Pod Security Standards
15 mins
2. Implement Warning for Baseline Pod Security Standard on Namespace
17 mins
3. Enforce Baseline Pod Security Standard Versions
11 mins
4. Apply Pod Security Standard to Entire Kubernetes Cluster
11 mins
Skill:
Control Kubernetes API Priority and Fairness
1. Intro to Kubernetes API Priority and Fairness
8 mins
2. Understanding API Priority & Fairness Resources
8 mins
3. Examine Kubernetes FlowSchema Resource Type
11 mins
4. Validate FlowSchema Applied During k8s API Requests
10 mins
5. Explore Kubernetes Priority Level Configuration Queues
9 mins
Skill:
Validate Kubernetes Infrastructure with PowerShell Pester Tests
1. Intro to Kubernetes Infrastructure Testing with Pester
7 mins
2. Discuss Specific Use Cases for Automated Kubernetes Testing
8 mins
3. Setting Up PowerShell and Pester Dev Environment
5 mins
4. Write Pester Test for Kubernetes Pods in Default Namespace
11 mins
5. Write Pester Test for Kubernetes Deployment Replica Count
9 mins
6. Add Pester Template Strings to Test Cases
7 mins
7. Write Pester Test for Kubernetes Cluster Role Bindings
10 mins
Skill:
Understanding Open Policy Agent
1. What's Driving the Need for Policy?
8 mins
2. Intro to Open Policy Agent (OPA) Concepts
9 mins
3. Understand OPA Gatekeeper Architecture with Kubernetes
9 mins
4. Install OPA Gatekeeper on Kubernetes Cluster
8 mins
5. Deploy OPA Constraints to Kubernetes Cluster
10 mins
6. Remediate Audit Violations from OPA Gatekeeper
10 mins
Skill:
Validate Kubernetes Resource Configurations with Datree
1. Intro to Kubernetes Resource Validation with Datree
11 mins
2. Run Datree CLI Against Local Kubernetes Manifest
9 mins
3. Skip Datree Policy Rules with Resource Annotations
9 mins
4. Evaluate Datree Policy Rules on Live Kubernetes Resources
13 mins
5. Configure Datree Policies Centrally or Locally
9 mins
Skill:
Develop Rego Policies for Open Policy Agent
1. Intro to Rego for Open Policy Agent (OPA)
8 mins
2. Create Rego Policy and Parse with OPA CLI
9 mins
3. Write Rego Policy Tests and Execute with OPA CLI
8 mins
4. Pass Inputs to Rego Policies and Use String Functions
9 mins
5. Evaluate Rego Policy Return Values
9 mins
6. Implement Time Window Policy in Rego
8 mins
Файлы примеров: не предусмотрены
Формат видео: MP4
Видео: AVC, 1920x1080, 16:9, 30fps, ~3500kbps
Аудио: AAC, 48kHz, 94kbps, stereo
Скриншоты
Download
Rutracker.org не распространяет и не хранит электронные версии произведений, а лишь предоставляет доступ к создаваемому пользователями каталогу ссылок на торрент-файлы, которые содержат только списки хеш-сумм
Как скачивать? (для скачивания .torrent файлов необходима регистрация)
[Профиль]  [ЛС] 

KrishRocks

Стаж: 2 года 5 месяцев

Сообщений: 130


KrishRocks · 05-Июл-23 23:48 (спустя 27 дней)

Hi @All,
If anybody need same course in small size
https://www.freecoursesonline.me/cbt-nuggets-certified-kubernetes-security-specialist-cks/
[Профиль]  [ЛС] 

tearose750

Стаж: 1 год 4 месяца

Сообщений: 11


tearose750 · 03-Ноя-23 19:43 (спустя 3 месяца 28 дней, ред. 03-Ноя-23 19:43)

Очень очень ОЧЕНЬ много воды. Г-н Салливан болтливый как баба.
Я был неправ. Там ОДНА вода. Вероятность сдать CKS после сего курса равна нулю.
[Профиль]  [ЛС] 
 
Ответить
Loading...
Error