Instructor-Led Red Hat Training
Kubernetes and Cloud Native Security Associate
3 days
The Kubernetes and Cloud Native Security Associate (KCSA) certification offered by the Linux Foundation, is designed for IT professionals, system administrators, and developers who want to specialize in Kubernetes security and cloud-native security practices. It demonstrates a candidate’s understanding of baseline security configurations, risk identification, and basic control implementation in Kubernetes clusters.
Students will learn:
- Overview of Cloud Native Security
- Kubernetes Cluster Component Security,
- Kubernetes Security Fundamentals,
- Kubernetes Threat Model,
- Platform Security
- Compliance and Security Frameworks
- Domains & Competencies for the KCSA exam
Course Outline
Overview of Cloud Native Security
- The 4Cs of Cloud Native Security
- Cloud Provider and Infrastructure Security
- Controls and Frameworks
- Isolation Techniques
- Artifact Repository and Image Security
- Workload and Application Code Security
Kubernetes Cluster Component Security
- API Server
- Controller Manager
- Scheduler
- Kubelet
- Container Runtime
- KubeProxy
- Pod
- Etcd
- Container Networking
- Client Security
- Storage
Kubernetes Security Fundamentals
- Pod Security Standards
- Pod Security Admissions
- Authentication
- Authorization
- Secrets
- Isolation and Segmentation
- Audit Logging
- Network Policy
Kubernetes Threat Model
- Kubernetes Trust Boundaries and Data Flow
- Persistence
- Denial of Service
- Malicious Code Execution and Compromised
- Applications in Containers
- Attacker on the Network
- Access to Sensitive Data
- Privilege Escalation
Platform Security
- Supply Chain Security
- Image Repositor
- Observability
- Service Mesh
- PKI
- Connectivity
- Admission Control
Compliance and Security Frameworks
- Compliance Frameworks
- Threat Modelling Frameworks
- Supply Chain Compliance
- Automation and Tooling