This lab is part of a series of practice exam content for the Certified Kubernetes Security Specialist (CKS) certification. Each practice exam in the series provides you with exam-like tasks to perform in a Kubernetes cluster modeled after the clusters used in the real CKS exam. Each practice exam focuses on one particular domain in the CKS exam curriculum. The tasks outlined in the practice exam should be attempted on your own with the consultation of the official Kubernetes documentation, just like in the real exam. If you need assistance with a particular task, the solution and relevant exam tips are provided in the final solution guide lab step in the lab.

This practice exam focuses on the Cluster Hardening domain which is worth 15% of the exam. The Cluster Hardening domain encapsulates the following knowledge, skills, and abilities listed in the exam curriculum:

• Restrict access to Kubernetes API
• Use Role Based Access Controls to minimize exposure
• Exercise caution in using service accounts e.g. disable defaults, minimize permissions on newly created ones
• Update Kubernetes frequently

Assessed topics

• Kubernetes cluster hardening
• Service accounts
• Role-Based Access Controls (RBAC)

Intended Audience

• Kubernetes certification exam candidates
• Kubernetes practitioners

Prerequisites

• Completion of prior content in the Certified Kubernetes Security Specialist (CKS) Exam Preparation learning path is highly recommended.