This lab is part of a series of practice exam content for the Certified Kubernetes Security Specialist (CKS) certification. Each practice exam in the series provides you with exam-like tasks to perform in a Kubernetes cluster modeled after the clusters used in the real CKS exam. Each practice exam focuses on one particular domain in the CKS exam curriculum. The tasks outlined in the practice exam should be attempted on your own with the consultation of the official Kubernetes documentation, just like in the real exam. If you need assistance with a particular task, the solution and relevant exam tips are provided in the final solution guide lab step in the lab.

This practice exam focuses on the Minimize Microservice Vulnerabilities domain which is worth 20% of the exam. The Minimize Microservice Vulnerabilities domain encapsulates the following knowledge, skills, and abilities listed in the exam curriculum:

• Setup appropriate OS level security domains
• Manage Kubernetes secrets
• Use container runtime sandboxes in multi-tenant environments (e.g. gvisor, kata containers)
• Implement pod to pod encryption by use of mTLS

Assessed topics

• Kubernetes microservice vulnerabilities
• Pods
• Secrets

Intended Audience

• Kubernetes certification exam candidates
• Kubernetes practitioners

Prerequisites

• Completion of prior content in the Certified Kubernetes Security Specialist (CKS) Exam Preparation learning path is highly recommended.