This lab is part of a series of practice exam content for the Certified Kubernetes Security Specialist (CKS) certification. Each practice exam in the series provides you with exam-like tasks to perform in a Kubernetes cluster modeled after the clusters used in the real CKS exam. Each practice exam focuses on one particular domain in the CKS exam curriculum. The tasks outlined in the practice exam should be attempted on your own with the consultation of the official Kubernetes documentation, just like in the real exam. If you need assistance with a particular task, the solution and relevant exam tips are provided in the final solution guide lab step in the lab.

This practice exam focuses on the System Hardening domain which is worth 10% of the exam. The System Hardening domain encapsulates the following knowledge, skills, and abilities listed in the exam curriculum:

• Minimize host OS footprint (reduce attack surface)
• Minimize IAM roles
• Minimize external access to the network
• Appropriately use kernel hardening tools such as AppArmor, seccomp

Assessed topics

• Kubernetes system hardening
• Priniciple of least privilege
• AppArmor

Intended Audience

• Kubernetes certification exam candidates
• Kubernetes practitioners

Prerequisites

• Completion of prior content in the Certified Kubernetes Security Specialist (CKS) Exam Preparation learning path is highly recommended.