Open in app

Sign in

Write

Sign in

How To Pass the New CKS Exam v1.20

tarun mittal
4 min readMar 23, 2021

The Certified Kubernetes Security Specialist (CKS) exam is released in Nov.2020 and it is getting so much popularity amongst the three Kubernetes certification exams, having the CKA is the pre-requisite for this exam. You need to answer around 15 questions in the exam, under the 2 hrs.

CKS Curriculum v1.20

Minimize Microservice Vulnerabilities — 20%Supply Chain Security — 20%Monitoring, Logging and Runtime Security — 20%System Hardening — 15%Cluster Hardening — 15%Cluster Setup — 10%

For the latest version visit: https://github.com/cncf/curriculum/

Preparation:

I get started with the walidshaari GitHub repository which you can find in the resources section below, after going through the repository I have able to find that I need some more knowledge on the topics before fighting the exam, so then I started with the Zeal Vora course for CKS on udemy, after that for practicing and clearing some leftover doubts I gone through the CKS course of Kim Wustkamp on Udemy, which also comes with the EXAM Simulator, which is good for practicing before the final exam.

  1. Walidshaari Github Repo
    (https://github.com/walidshaari/Certified-Kubernetes-Security-Specialist)
  2. Zeal Vora CKS Course on Udemy
    (https://www.udemy.com/course/certified-kubernetes-security-specialist-certification/)
  3. Kim Wustkamp Course on Udemy
    (https://www.udemy.com/course/certified-kubernetes-security-specialist/)

Practice:

Now after getting knowledge on all the topics related to the exam curriculum, the question which is in my mind is HOW TO PRACTICE THE STUFF. so somehow I started with documentation, trying to think about what kind of questions can be asked in the exam from the topics, I listed down that topic and start practicing.

  1. Kim Wustkamp Course and Zeal Vora Course have some questions which you can practice.
  2. For Practicing Network Policies you can visit:-https://github.com/ahmetb/kubernetes-network-policy-recipes

3. For the AppArmor and Seccomp, you can take the help of the different learning platforms, I use LinuxAcademy and AcloudGuru for that, there is some course that talks about it.

4. Kubernetes Security and Kubernetes Security (Advanced Concepts) courses are there in LinuxAcademy which can also help you understand the topics better.

Tips:

  1. First of all read the questions carefully, because it is not easy as it seems.(THIS WAS THE TIP COMING DIRECTALLY FROM MY CKA BLOG, BUT IT IS IMPORTANT)
    DON’T Just directly rush over the terminal to solve the question, read it twice before doing anything.
  2. Use the imperative command as much as possible it will save your time as well as effort. (For creating Role, RoleBinding, Secrets, SA, POD, etc.).
  3. ONE VERY IMPORTANT TIP IS THAT NOTEPAD IS NOT AVAILABLE IN THIS EXAM AS IT IS AVAILABLE IN OTHER EXAMS, Examiner also told you this before the exam, so if you have anything to write, create some file in the system. I used it as a checklist for my questions.
  4. Carefully changed the context while attempting any questions.
  5. Time Management is the main concern in the CKS Exam, but if you know the thing and had a clear understanding of what needs to done in question. you will be able to complete the exam in 2 hrs, DON’T gets panic because First:- if it is your first attempt then you have the other left.
    Second:- is that you only need 67% to crack the exam.
  6. One thing to take care of is, in some questions you need to perform the task on either the master node or the slave node, so take care while doing the ssh on the nodes.
  7. And in the exam, you need to modify some of the files, so please take the backup of that file before making any changes, so if anything goes wrong or something is not working you can restore and start it again.
  8. A good thing in CKS Exam is, that in some questions you will find the example manifest of the task which you need to perform in questions, the file is stored at some location. It saves time from copying from documentation and then modifying. So, Take the most out of it. For e.g:-
apiVersion: v1
kind: Pod
metadata:
  name: 
spec:
  containers:
    - name: 
      image:ORapiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  namespace: 
  name: 
rules:
- apiGroups: []
  resources: []
  verbs: []

Thanks for reading, I think this guide will help you to achieve and learn something new for the CKS Exam and to helps you to Crack the Exam as well.

Good Luck with the Exam……

Check out this blog for Image-policy-webhook:-
https://mittaltarun9715.medium.com/image-policy-webhook-with-kube-image-bouncer-719f8aa44cbf

In Case of Any Issues and Questions, you can connect me on LinkedIn:

https://www.linkedin.com/in/tarun-mittal-1507/

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Kubernetes
Kubernetes Security
Cks Exam
Ck
K8s Security

tarun mittal
tarun mittal

Written by tarun mittal

27 Followers
2 Following

Currently Working As A DevOps Engineer. Loves to Troubleshoot.

Responses (1)

Write a response

What are your thoughts?

More from tarun mittal

See all from tarun mittal

Recommended from Medium

See more recommendations

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams